Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
76s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
30/09/2022, 03:45
General
-
Target
derock.exe
-
Size
5.3MB
-
MD5
b4fc61ebe6bfce1125b194e0726b07d3
-
SHA1
acf3c1c2dcf0e810377673e6e2caf1043f8f18a3
-
SHA256
16b948ad8bb9df8c3c0492889cdf3da5e3dc246f36c10e2dda8c91968cad0d2c
-
SHA512
0366b97eb6e7b247c041359eccd89b482e6655cbf9d282de363b8ff2b014eca91058920802152382599036c4641174cf241eb391ab7930f100adc07dc9af37a5
-
SSDEEP
98304:VpzPwTIwKFHW2m5lttY7X5TohKYMrAz+XE:nDwjKFHWBltez5TDYMkp
Malware Config
Signatures
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\derock.exe"C:\Users\Admin\AppData\Local\Temp\derock.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\notepad.exenotepad C:\Users\Admin\AppData\Local\Temp\DesktopHealthCheck-Output\health-check-report_20220930_034551UTC.json2⤵
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD5155c0eb48d831d5b6d322d97c1df5122
SHA1a87ef56644432773c675756cbd96999e9231890d
SHA256a37f1662092d6b78e666d2edaeb1946c973722c5aa64737ebdd746bc0143f563
SHA512076a3f3ddb038b215b329e2be18c55df372bc5ce540e103ee216510ff890fcf8575d5787d87471313fd273c73781048cd66b2f92054c2a6e18747222ae83fd59