Analysis
- max time kernel: 202s
- max time network: 211s
- platform: windows10-2004_x64
- resource: win10v2004-20221111-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 29/11/2022, 16:25
Static task: static1
Behavioral task: behavioral1
- Sample: 3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
- Resource: win10v2004-20221111-en
General
- Target: 3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
- Size: 5.3MB
- MD5: 892fecb66f9f7aa0c744873932dd4d1a
- SHA1: 51860757d6bfe6611cda7170a6f81e8d5704e263
- SHA256: 3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8
- SHA512: 790b8b210c5f07c6a178375c5f9059a20d7c75e781f286f0b45948b76ee3c8d342bc5196e09ed04f8ca6c286f55a61d8e6c54b82052e2ce4b5c40362b920e080
- SSDEEP: 98304:yv35m2klpqzR0Q0DJpsGDGkJ/MwiN2wwznIW2oJ7FnQlraXr:yP5CAzR0PlSGD/MwwRynIa7FDb
Malware Config
Signatures
- Suspicious behavior: EnumeratesProcesses (4 IoCs)
  pid   Process
  4416  3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
  4416  3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
  4416  3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
  4416  3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
- Suspicious use of SetWindowsHookEx (1 IoC)
  pid   Process
  4416  3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
Processes
- Image: C:\Users\Admin\AppData\Local\Temp\3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\3743035ade2c840e405dc38bf85944200990a232f506930e853dbd217a7aafe8.exe"
  PID: 4416
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx