Analysis
max time kernel: 142s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 18/08/2023, 19:31
Static task: static1
Behavioral task: behavioral1
  Sample: 4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe
  Resource: win10v2004-20230703-en
General
Target: 4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe
Size: 13.8MB
MD5: 1e96a096e1fc6974c41ed6bfa3e7486d
SHA1: 6e081715ec24d6e653f5e22ba2f3c69528e72be7
SHA256: 4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292
SHA512: 82aa05f60eb5c67c9007db9c8adbd6abe760db20f476fc592a1de26a2fe05fd07f3c616379992295b43cd187cb8927af9c703d671836473a7f5f2f5588f55d07
SSDEEP: 393216:8E7//Tqmi3FRU1fB/y2HyHjycXvx0EAJVPslI62nx9:D7HTqmirU1fB/N0jydEqPMI6a
Malware Config
Signatures
resource                                                                      yara_rule
behavioral2/memory/2736-133-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-135-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-136-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-137-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-138-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-139-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-141-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-143-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-145-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-147-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-149-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-151-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-153-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-155-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-157-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-159-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-161-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-163-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-165-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-167-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-169-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-171-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-173-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-175-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-177-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-179-0x0000000010000000-0x000000001003E000-memory.dmp  upx
behavioral2/memory/2736-180-0x0000000010000000-0x000000001003E000-memory.dmp  upx
Suspicious use of SetWindowsHookEx 3 IoCs
pid   Process
2736  4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe
2736  4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe
2736  4c3bb03b71988380ea252f91da60f369cbe86343ecf53406a44d30a0a11a3292.exe