Analysis
- max time kernel: 204s
- max time network: 211s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 03/12/2022, 10:25
Static task
- static1

Behavioral task
- behavioral1
  - Sample: a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
  - Resource: win7-20220812-en

Behavioral task
- behavioral2
  - Sample: a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
  - Resource: win10v2004-20220812-en
General
- Target: a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
- Size: 2.4MB
- MD5: 429c8a13aa2b785fdf0b9e1ef97cab9c
- SHA1: 1aad982ee72f7ac7f5dce9f5afb17d908c8c323a
- SHA256: a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85
- SHA512: bab5cdc0c50119007682605bdbb32c5751d1b311d60250d4e3e0b770023b32b18231231ccbf9037f055cee8ae701eba8eeb553bcc6e94f9923b1185d078307fa
- SSDEEP: 49152:azJEEDAUIfSp1pEpeGzDjAtYWuYhsIXRJ/i3zVnc2ZaVCVm:sJ+VfypEp9DyqERABBw
Malware Config
Signatures
- Suspicious use of FindShellTrayWindow (2 IoCs)
  - pid 1108, process a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
  - pid 1108, process a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
- Suspicious use of SendNotifyMessage (2 IoCs)
  - pid 1108, process a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
  - pid 1108, process a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe
  - Command line: "C:\Users\Admin\AppData\Local\Temp\a92cc9826fe47deee01bc0f521a1076960fb7d66d1b50d0904d428f8fe6a8b85.exe"
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - PID: 1108