Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
185s -
max time network
206s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
02/12/2022, 22:27 UTC
General
-
Target
88f739abef2c0cd774bdff4b896917d6e2ea17102127ce34b0d033995a0e13de.exe
-
Size
20KB
-
MD5
cb3ef495f426bb591e6a6ef31fde8d9a
-
SHA1
4ce44835c5c82cf122e5072a76c338f8766d4a79
-
SHA256
88f739abef2c0cd774bdff4b896917d6e2ea17102127ce34b0d033995a0e13de
-
SHA512
6d5620446f80be39009f7457104bdf3c5a92b59cc0b98762b0efb1901b27e87af6b5987273ca8318fca55fd1c6f71b83101a7ee543623eaec3b454ee6cef9042
-
SSDEEP
192:81F+E9Il5HStd7rw/dI0JC6AUsVTJKs9OTiAqQdj0z:81rJtd90Jv0uswTiAjdj0z
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\88f739abef2c0cd774bdff4b896917d6e2ea17102127ce34b0d033995a0e13de.exe"C:\Users\Admin\AppData\Local\Temp\88f739abef2c0cd774bdff4b896917d6e2ea17102127ce34b0d033995a0e13de.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
-
DNSupdateswin.zigg.meRemote address:8.8.8.8:53Requestupdateswin.zigg.meIN AResponse -
DNS226.101.242.52.in-addr.arpaRemote address:8.8.8.8:53Request226.101.242.52.in-addr.arpaIN PTRResponse
-
DNS226.101.242.52.in-addr.arpaRemote address:8.8.8.8:53Request226.101.242.52.in-addr.arpaIN PTR
-
13.69.239.72:443
-
209.197.3.8:80
-
209.197.3.8:80
-
8.8.8.8:53updateswin.zigg.medns
DNS Request
updateswin.zigg.me
-
8.8.8.8:53226.101.242.52.in-addr.arpadns
DNS Request
226.101.242.52.in-addr.arpa
DNS Request
226.101.242.52.in-addr.arpa