Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/10/2024, 21:16 UTC

General

  • Target

    polar.exe

  • Size

    6.0MB

  • MD5

    b93e1ede650472b073afc3c77956ce18

  • SHA1

    c6af00430a0fb660ca57fe22b299d4a41b11882d

  • SHA256

    467ed67977c96bd2a231f773778f85fe79ee845efc37ee6fe39e14b69da82d36

  • SHA512

    d4461a4172b8cdbb533d73640f013f07543346de13ed0782d87ba3ebc4c34926c35f5de09da2a056045850605613833e853b57fb046b6b75eb2c473d0426764c

  • SSDEEP

    98304:fmEtdFBgQamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RSBM1y3JTsY2TX:fFFMeN/FJMIDJf0gsAGK4RSu17fTX

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs
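
The "UPX packed file" signature and the hash block above are the two things worth reproducing on a local copy before trusting the rest of the report. The following is an added example (not tria.ge's own signature code) that walks the PE section table for UPX0/UPX1 section names, looks for the "UPX!" marker stock UPX leaves near the header, computes file entropy as the fallback for a modified UPX that renames sections and strips the marker, and emits the same four digests the report lists so they can be compared. The `build_minimal_pe` helper only fabricates a non-executable PE skeleton as test input so the script runs offline; it is not derived from polar.exe.

```python
"""Reproduce the checks behind a 'UPX packed file' signature and a report's
hash block on a local copy of a sample. Added example; not tria.ge's own
signature code. The PE builder only fabricates test input so this runs offline."""
import hashlib
import math
import struct

SECTION_HEADER_SIZE = 40        # IMAGE_SECTION_HEADER: 8-byte name + 32 bytes of fields


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> section table and return section names."""
    if len(data) < 64 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 60)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 4 + 20 + opt_size   # signature + IMAGE_FILE_HEADER + optional header
    names = []
    for i in range(num_sections):
        start = table + i * SECTION_HEADER_SIZE
        raw = data[start:start + 8]
        if len(raw) < 8:
            break                           # truncated section table: stop, do not guess
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encrypted payloads sit near 8.0, plain code nearer 6."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes) -> dict:
    names = pe_section_names(data)
    return {
        "section_names": names,
        "upx_sections": [n for n in names if n.upper().startswith("UPX")],
        "upx_marker": b"UPX!" in data[:4096],  # stock UPX writes this in the header area
        "entropy": round(shannon_entropy(data), 2),
    }


def is_upx_packed(data: bytes) -> bool:
    """Stock UPX: section names or marker. A modified UPX may rename or strip both,
    so entropy is reported separately as a weaker signal rather than folded in here."""
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_marker"]


def file_hashes(data: bytes) -> dict:
    """The four digests a report lists; compare them to the report before analysis."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def build_minimal_pe(section_names) -> bytes:
    """Constructed, non-executable PE32+ skeleton with the given section names (test input only)."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 60, 64)        # e_lfanew: PE header directly after DOS header
    optional = bytes(240)                      # PE32+ optional header size
    file_hdr = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0, len(optional), 0x22)
    table = b"".join(n.ljust(8, b"\0")[:8] + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + file_hdr + optional + table


if __name__ == "__main__":
    sample = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])
    print(upx_indicators(sample), is_upx_packed(sample))
    print(file_hashes(sample)["sha256"])
```

Run it against the real file with `upx_indicators(open("polar.exe", "rb").read())` and compare `file_hashes(...)` to the MD5/SHA1/SHA256/SHA512 shown in the General section; a mismatch means you are not looking at the sample this report describes. A negative from `is_upx_packed` on a sample the sandbox tagged UPX usually means a modified packer, which is exactly why the entropy value is kept alongside.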

Processes

  • C:\Users\Admin\AppData\Local\Temp\polar.exe
    "C:\Users\Admin\AppData\Local\Temp\polar.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:768
    • C:\Users\Admin\AppData\Local\Temp\polar.exe
      "C:\Users\Admin\AppData\Local\Temp\polar.exe"
      2⤵
      • Loads dropped DLL
      PID:2944

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI7682\python310.dll

    Filesize

    1.4MB

    MD5

    178a0f45fde7db40c238f1340a0c0ec0

    SHA1

    dcd2d3d14e06da3e8d7dc91a69b5fd785768b5fe

    SHA256

    9fcb5ad15bd33dd72122a171a5d950e8e47ceda09372f25df828010cde24b8ed

    SHA512

    4b790046787e57b9414a796838a026b1530f497a75c8e62d62b56f8c16a0cbedbefad3d4be957bc18379f64374d8d3bf62d3c64b53476c7c5005a7355acd2cee

  • memory/2944-23-0x000007FEF6320000-0x000007FEF678E000-memory.dmp

    Filesize

    4.4MB
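
The Processes tree and the Downloads list describe one behaviour chain: polar.exe (PID 768) launches a second copy of its own image (PID 2944), and that child loads python310.dll from `%TEMP%\_MEI7682`. A `_MEI<digits>` directory under the user's temp folder is the naming convention PyInstaller one-file bootloaders use for their extraction directory; that is an inference from the path, not something the report states. The following is an added example of detection logic over constructed Sysmon-style events, not tria.ge's own signature implementation: it joins "process spawned its own image from a user temp path" with "that child loaded a DLL from a user temp path". The image paths, PIDs and the DLL path and SHA256 are taken from this report; the root's parent PID, the kernel32.dll load and the event dictionary layout are assumptions made for the example.

```python
"""Flag the chain a sandbox process tree and dropped-file list show together:
a binary under %TEMP% re-launching its own image, and that child loading a DLL
dropped under %TEMP%\\_MEI<digits>. Added example over constructed Sysmon-style
events; not tria.ge's own detection logic."""
import re

# Constructed event list. Images, PIDs and the DLL path/hash come from the report;
# the root's parent PID, the kernel32 load and the event layout are assumptions.
EVENTS = [
    {"event": "ProcessCreate", "pid": 768, "ppid": None,
     "image": r"C:\Users\Admin\AppData\Local\Temp\polar.exe"},
    {"event": "ProcessCreate", "pid": 2944, "ppid": 768,
     "image": r"C:\Users\Admin\AppData\Local\Temp\polar.exe"},
    {"event": "ImageLoad", "pid": 2944,
     "image": r"C:\Users\Admin\AppData\Local\Temp\_MEI7682\python310.dll",
     "sha256": "9fcb5ad15bd33dd72122a171a5d950e8e47ceda09372f25df828010cde24b8ed"},
    {"event": "ImageLoad", "pid": 2944, "image": r"C:\Windows\System32\kernel32.dll"},
]

USER_TEMP = re.compile(r"\\AppData\\Local\\Temp\\", re.I)
MEI_DIR = re.compile(r"\\_MEI\d+\\", re.I)   # PyInstaller one-file extraction dir naming


def process_index(events):
    return {e["pid"]: e for e in events if e["event"] == "ProcessCreate"}


def self_respawns(events):
    """(parent_pid, child_pid, image) wherever a %TEMP% binary spawned its own image."""
    procs = process_index(events)
    hits = []
    for e in events:
        if e["event"] != "ProcessCreate":
            continue
        parent = procs.get(e.get("ppid"))
        if (parent and parent["image"].lower() == e["image"].lower()
                and USER_TEMP.search(e["image"])):
            hits.append((parent["pid"], e["pid"], e["image"]))
    return hits


def temp_dll_loads(events):
    """(pid, path) for every image loaded from a user temp directory."""
    return [(e["pid"], e["image"]) for e in events
            if e["event"] == "ImageLoad" and USER_TEMP.search(e["image"])]


def detect(events):
    """Join the two weak signals. 'chained' is True when the temp-DLL loader is
    itself a respawned child, which is the shape this report's tree has."""
    respawned = {child: parent for parent, child, _ in self_respawns(events)}
    findings = []
    for pid, dll in temp_dll_loads(events):
        findings.append({
            "pid": pid,
            "parent": respawned.get(pid),
            "dll": dll,
            "chained": pid in respawned,
            "tag": "pyinstaller-onefile-like" if MEI_DIR.search(dll) else "temp-dll-load",
        })
    return findings


if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```

Two caveats when turning this into a rule. Either signal alone is noisy: self-updaters relaunch from temp, and many installers load DLLs from there, so alert on the join, not the parts. And python310.dll is a stock CPython runtime, so the SHA256 the report gives for it will match a large number of benign PyInstaller-built programs; pivot on the hashes of polar.exe itself and on the behaviour, not on the dropped DLL's digest.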
