Analysis
max time kernel: 20s
max time network: 22s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 18/08/2023, 21:03
Static task: static1
Behavioral task: behavioral1
  Sample: Adobe GenP 3.0/Resources/Adobe-GenP-3.0.exe
  Resource: win10v2004-20230703-en
Behavioral task: behavioral2
  Sample: Adobe GenP 3.0/Resources/NSudo.exe
  Resource: win10v2004-20230703-en
Behavioral task: behavioral3
  Sample: Adobe GenP 3.0/RunMe.exe
  Resource: win10v2004-20230703-en
General
Target: Adobe GenP 3.0/Resources/Adobe-GenP-3.0.exe
Size: 1.5MB
MD5: ed76bdafd8d0aeb9429dd3b09d506c1a
SHA1: 7a2ffe3a4ff3c0b73eb0205b98cca46fe2cfc1a5
SHA256: dd0927db589aa8ebd7b81988de635cecfc55da14821f2a3284af2809c16169be
SHA512: 34cfc2d036c695a8a09992759a777338111392016675484ae4a80490c12ee86ffc1c1a7f178c95aac8d61bd98c0d4b2e35437c11c369c7b7bdedea94ede3c29b
SSDEEP: 24576:TrORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9TvajHeqtGHhqGx/7m4gDXww7V:T2EYTb8atv1orq+pEiSDTj1VyvBajHej
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid 4848  process Adobe-GenP-3.0.exe
Suspicious use of FindShellTrayWindow (3 IoCs)
  pid 4848  process Adobe-GenP-3.0.exe
  pid 4848  process Adobe-GenP-3.0.exe
  pid 4848  process Adobe-GenP-3.0.exe
Suspicious use of SendNotifyMessage (3 IoCs)
  pid 4848  process Adobe-GenP-3.0.exe
  pid 4848  process Adobe-GenP-3.0.exe
  pid 4848  process Adobe-GenP-3.0.exe