Analysis
- max time kernel: 105s
- max time network: 160s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 30/10/2022, 05:59
Static task: static1
Behavioral task: behavioral1
- Sample: 26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe
- Resource: win10v2004-20220812-en
General
- Target: 26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe
- Size: 30KB
- MD5: 933e59e6cb3c1343abb87d637cb99c60
- SHA1: c414e1516af8d9054ef7e958e168cb4106c3fc83
- SHA256: 26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4
- SHA512: 5efb476eb73a8c958db467890e7dc9973dd23106995de2e1960a97064799cd9cabe9c2750a47695dcf815026cf4a693df6c27460c7403eb4fd4b39d075bdb6ce
- SSDEEP: 384:uE6/xRFH7AhD7+8lQxMO7U1VN+uXL7SkjkKqu3pLAY1a/9Tt:uE6/xLQq8lxO7juX/qKX3iOa/9Tt
Malware Config
Signatures
- Program crash (1 IoCs)
  pid: 4836, pid_target: 4336, Process: WerFault.exe, procid_target: 80
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 4336, Process: 26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\26af4e489705ce9f33b1393323e7750c075045b5a9c8b15dd21d2a0462800fe4.exe"
  PID: 4336
  - Suspicious use of SetWindowsHookEx
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 4336 -s 664
    PID: 4836
    - Program crash
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 4336 -ip 4336
  PID: 4624