Analysis
- max time kernel: 155s
- max time network: 165s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 30/10/2022, 14:40
Static task: static1
Behavioral task: behavioral1
- Sample: 4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe
- Resource: win10v2004-20220812-en
General
- Target: 4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe
- Size: 312KB
- MD5: 4958bb65f59b4224db7a555849cf88d5
- SHA1: c022e0567f31fc7df9b0b1274b577f1dd797b84a
- SHA256: 4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11
- SHA512: efba5821c1d623b137716f592e4a9d5285df14f8a4e6cacbf526f41ff7c27b4ab298a8da5f30e254dc09016e18cc1dce0be5b0fb4d823d83a6c3e161b5181fa3
- SSDEEP: 1536:MaReUkceuripZumkYzJlTyucHN84S9uDYZT5XaS+N13ROg70jLXnyIdA+Z8h:MaReUkk6YYDSHN84lDYHXahzmCCg
Malware Config
Signatures
- Program crash (1 IoCs)
  pid: 1408, pid_target: 2052, Process: WerFault.exe, procid_target: 80
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 2052, Process: 4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\4015059f749c6f6720bb13a327f4c8a0235ecef04359bd678dfd19833578fc11.exe"
  PID: 2052
  - Suspicious use of SetWindowsHookEx
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2052 -s 380
    PID: 1408
    - Program crash
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2052 -ip 2052
  PID: 4016