Analysis
- max time kernel: 119s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20230831-en
- resource tags: arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
- submitted: 24/09/2023, 01:48
Behavioral task: behavioral1
- Sample: 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
- Resource: win7-20230831-en
Behavioral task: behavioral2
- Sample: 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
- Resource: win10v2004-20230915-en
General
- Target: 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
- Size: 9.1MB
- MD5: 8a741017bfb56f449f08752d4e6e9889
- SHA1: 72d4c0c5a7f2f2b66c732533fde155ebc3754415
- SHA256: 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e
- SHA512: 104294f5d25ea3d19696d09162b26f84589cd37986d653750e45c125c2f09cedc0a0f33c829c0e537a03e42264856fb769c0622ff19a113362667406f5d16f09
- SSDEEP: 196608:PdLOddNUaM4vRjuqV8amzt2u8gyDU9j+fHejH:V6DuaM4juqV8acUDao
Malware Config
Signatures
- Suspicious use of FindShellTrayWindow (2 IoCs)
  pid 2252, process 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
  pid 2252, process 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
- Suspicious use of SendNotifyMessage (1 IoCs)
  pid 2252, process 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid 2252, process 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
  pid 2252, process 418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
Processes
C:\Users\Admin\AppData\Local\Temp\418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe
"C:\Users\Admin\AppData\Local\Temp\418a1e8a0ae2e924b381a1d9df697a31be727ed7f9d248c20fec162703bf1d8e.exe"
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID: 2252