Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

078e13b6f0...18.exe

windows7-x64

7

078e13b6f0...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

partner67.exe

windows7-x64

7

partner67.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    127s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2024, 21:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    partner67.exe

  • Size

    53KB

  • MD5

    8f341587089816847049072f2f9f436f

  • SHA1

    62b5142ef987ab18b0d9c8bda76defa4ba6fffaa

  • SHA256

    23ef89b543c84c379975a044ae20b7b156cd74ab65875c0029b1a485927d1d7d

  • SHA512

    59b79c09895edef799ed316b96935e2e48a2d464db0bc0c98df436f607cde0c4f7879fd60f3778ef06a09eaef723e73398ee128b3b628046f2a87031ed0e75bc

  • SSDEEP

    1536:WpgpHzb9dZVX9fHMvG0D3XJAkrf2z9rjd1V/DO8:8gXdZt9P6D3XJAkrOzNhDL

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 15 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\partner67.exe
    "C:\Users\Admin\AppData\Local\Temp\partner67.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:2448

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nso639.tmp\Dialer.dll
    Filesize

    3KB

    MD5

    068ba6a2cece65f680895ea627f71e39

    SHA1

    27070d0fa949a80360426f37b3dfe9eaa0ed66f4

    SHA256

    ef649d2b3daed72b0778ab6b3f22a02e288fd009cf9e7e76eb1991451e580f82

    SHA512

    adf99b31790694d8ad02c56b1cb7c9dadeac49d492225a2d297654bfcd617f3afad23990d1d695fba03af1c355456e2e7c3e972eaa9b5ab1770bbb6eef0e733f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nso639.tmp\System.dll
    Filesize

    11KB

    MD5

    c17103ae9072a06da581dec998343fc1

    SHA1

    b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    SHA256

    dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    SHA512

    d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nso639.tmp\inetc.dll
    Filesize

    24KB

    MD5

    1efbbf5a54eb145a1a422046fd8dfb2c

    SHA1

    ec4efd0a95bb72fd4cf47423647e33e5a3fddf26

    SHA256

    983859570099b941c19d5eb9755eda19dd21f63e8ccad70f6e93f055c329d341

    SHA512

    7fdeba8c961f3507162eb59fb8b9b934812d449cc85c924f61722a099618d771fed91cfb3944e10479280b73648a9a5cbb23482d7b7f8bfb130f23e8fd6c15fb

    Download Submit