Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
152s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
05/12/2022, 22:59 UTC
General
-
Target
99c560610a1be8670c52fbf3c4aa0ad56ef49847119788eb939673d63d61951d.exe
-
Size
176KB
-
MD5
fb3a94a28a513f65d30c8afc481b3808
-
SHA1
9bb748ce4708e73d4d939fb08b71b44c9599fc39
-
SHA256
99c560610a1be8670c52fbf3c4aa0ad56ef49847119788eb939673d63d61951d
-
SHA512
1b2590a940f51ab44e09cbc291ea984e4f796844e70b12ca29ffbb6a977e30589558d30f5b4c223246c04c8eebb50b428f4c471aa0fb48730657a53ae73721a9
-
SSDEEP
3072:O6Vy23RQdHwTE3LFdemsO4U5aFOjQvwO+NJd7RN2H6:Oi3IFjQvwOWJNRN2H
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\99c560610a1be8670c52fbf3c4aa0ad56ef49847119788eb939673d63d61951d.exe"C:\Users\Admin\AppData\Local\Temp\99c560610a1be8670c52fbf3c4aa0ad56ef49847119788eb939673d63d61951d.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
-
DNSupdatecopy.dnsd.meRemote address:8.8.8.8:53Requestupdatecopy.dnsd.meIN AResponseupdatecopy.dnsd.meIN A199.115.116.162
-
199.115.116.162:8080updatecopy.dnsd.me
-
93.184.220.29:80
-
20.42.65.89:443
-
104.110.191.133:80
-
104.110.191.133:80
-
8.8.8.8:53updatecopy.dnsd.medns
DNS Request
updatecopy.dnsd.me
DNS Response
199.115.116.162