Overview
overview: 8
Static
static
Kidux32.dll, windows7-x64: 1
Kidux32.dll, windows10-2004-x64: 1
Kidux64.dll, windows7-x64: 1
Kidux64.dll, windows10-2004-x64: 1
Qt5Core.exe, windows7-x64: 1
Qt5Core.exe, windows10-2004-x64: 1
YouTube Pr....0.exe, windows7-x64: 8
YouTube Pr....0.exe, windows10-2004-x64: 8
alocal.exe, windows7-x64: 1
alocal.exe, windows10-2004-x64: 1
drivefsext.exe, windows7-x64: 1
drivefsext.exe, windows10-2004-x64: 1
Analysis
max time kernel: 106s
max time network: 139s
platform: windows10-2004_x64
resource: win10v2004-20220901-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13/09/2022, 00:18
Static task: static1
Behavioral task behavioral1: sample Kidux32.dll, resource win7-20220812-en
Behavioral task behavioral2: sample Kidux32.dll, resource win10v2004-20220812-en
Behavioral task behavioral3: sample Kidux64.dll, resource win7-20220901-en
Behavioral task behavioral4: sample Kidux64.dll, resource win10v2004-20220812-en
Behavioral task behavioral5: sample Qt5Core.exe, resource win7-20220812-en
Behavioral task behavioral6: sample Qt5Core.exe, resource win10v2004-20220901-en
Behavioral task behavioral7: sample YouTube Proxy Viewer v1.0.exe, resource win7-20220812-en
Behavioral task behavioral8: sample YouTube Proxy Viewer v1.0.exe, resource win10v2004-20220812-en
Behavioral task behavioral9: sample alocal.exe, resource win7-20220812-en
Behavioral task behavioral10: sample alocal.exe, resource win10v2004-20220901-en
Behavioral task behavioral11: sample drivefsext.exe, resource win7-20220812-en
Behavioral task behavioral12: sample drivefsext.exe, resource win10v2004-20220812-en
General
Target: Qt5Core.exe
Size: 278KB
MD5: 8111ebde6b1fda66d48cdb4f719b71df
SHA1: 386bca5f2460a937bf38aa502370f3a64c9f5319
SHA256: a67010ee45138a89f3df1f21996d76de0dda5c20d69f946cb9f4c45e3063d555
SHA512: b7bb16b9131cb11a41d9068c3fc7d8a0970e6d42ceef3957ced5af25015a4f61fdf8dccdd966444b09845a129cbc8aeb276981f4664460d69d29d74ee9960d35
SSDEEP: 3072:ITBNjX4FnqiGU7LvAjc+H4HiwAeUhIsOZjTsN4017Y5bQ+TBNjX4NnqiGU7LvAjX:k+rq1cxb+e
Malware Config
Signatures
Suspicious use of SetWindowsHookEx (2 IoCs)
pid   Process
220   Qt5Core.exe
220   Qt5Core.exe