Analysis
- max time kernel: 147s
- max time network: 149s
- platform: windows10-2004_x64
- resource: win10v2004-20220901-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 27/10/2022, 12:13
Static task: static1
Behavioral task: behavioral1
- Sample: 56e5f08.exe
- Resource: win7-20220812-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 56e5f08.exe
- Resource: win10v2004-20220901-en
- 1 signatures
- 150 seconds
General
- Target: 56e5f08.exe
- Size: 1.5MB
- MD5: f70962a7883fefe8defa224c1ffdadfa
- SHA1: efd06b7c1b5ead8cec2cd029a8d8ccb0c46ee2da
- SHA256: 3e726854ff0a0046de458afc2cd58cfc37430b4c7969395111398f47d8f63bb4
- SHA512: 678c10874e6089acde5c57cdc64e11a76cbc9b3e7c882f9c1eaa619f897675c8f145e4be4825d8197edb2e645035a0953c3ed5a34da3e84d013fea5599699761
- SSDEEP: 24576:layO3TM6N6Ld8d59BEF3o34IXWF9WrvdvgNt973ccC/498dDdKWO4474joBfhiL2:gyO3L08dv29WDdvgxM4OdsAM+6w
Score
4/10
Malware Config
Signatures
-
Drops file in Program Files directory 64 IoCs
Processes
- C:\Users\Admin\AppData\Local\Temp\56e5f08.exe
  "C:\Users\Admin\AppData\Local\Temp\56e5f08.exe"
  - Drops file in Program Files directory
  PID: 5072
- C:\Windows\System32\rundll32.exe
  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
  PID: 2056