Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Pvt Hooks.rar

windows7-x64

7

Pvt Hooks.rar

windows10-2004-x64

8

Pvt Hooks/Read.txt

windows7-x64

1

Pvt Hooks/Read.txt

windows10-2004-x64

1

Pvt Hooks/...us.dll

windows7-x64

1

Pvt Hooks/...us.dll

windows10-2004-x64

1

Pvt Hooks/...or.exe

windows7-x64

7

Pvt Hooks/...or.exe

windows10-2004-x64

8

.pyc

windows7-x64

3

.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30/11/2024, 06:10 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Pvt Hooks/injector.exe

  • Size

    7.5MB

  • MD5

    5ac349d31df2f8659f3cbafb6c364d63

  • SHA1

    6b897500c22044917fae28b0bfacdf06fb2c9a81

  • SHA256

    38fe07cf164f35010e97497f66a0435b77b625e69a4c211c8c3b111c4afedf5a

  • SHA512

    dea18006743d2e2abfd647f43d24e263aa3725eed1e61b53610fa4f85b7882aced03122dfb7c002e78930772a264befe03568404b62ca50cf290f4734bcf7bb2

  • SSDEEP

    196608:eNxHcLjv+bhqNVoBLD7fEXEoYbiIv9pvvk9fIiZ1ju:GsL+9qz8LD7fEUbiIqQgpu

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Pvt Hooks\injector.exe
    "C:\Users\Admin\AppData\Local\Temp\Pvt Hooks\injector.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Users\Admin\AppData\Local\Temp\Pvt Hooks\injector.exe
      "C:\Users\Admin\AppData\Local\Temp\Pvt Hooks\injector.exe"
      2⤵
      • Loads dropped DLL
      PID:2276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23282\python312.dll
    Filesize

    1.7MB

    MD5

    86d9b8b15b0340d6ec235e980c05c3be

    SHA1

    a03bdd45215a0381dcb3b22408dbc1f564661c73

    SHA256

    12dbbcd67015d6cdb680752184107b7deb84e906b0e8e860385f85d33858a5f6

    SHA512

    d360cc3f00d90fd04cbba09d879e2826968df0c1fdc44890c60b8450fe028c3e767450c3543c62d4f284fb7e004a9a33c52538c2279221ee6cbdb1a9485f88b2

    Download Submit

  • memory/2276-23-0x000007FEF55B0000-0x000007FEF5C80000-memory.dmp

    Filesize

    6.8MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.