Analysis
max time kernel: 122s
max time network: 130s
platform: windows10-2004_x64
resource: win10v2004-20231020-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231020-en, locale:en-us, os:windows10-2004-x64, system
submitted: 18/11/2023, 07:59
Static task: static1
Behavioral task: behavioral1
  Sample: 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
  Resource: win10v2004-20231020-en
General
Target: 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
Size: 8.6MB
MD5: a718fe1922e7fcf18d32e97cca3599fa
SHA1: 38910262cc2bf2941aa820c8fe24815a0b9f719e
SHA256: 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47
SHA512: 037feb08db62aed17f22b7c83ea91ea8f4d35da1c95bde62f59ada5e14f0b29b82e2c5cc1a13a4c23be7d1127c3f7bc97366f4869d5404b3ce980ae4cab5781a
SSDEEP: 196608:exLiz4n89RlsvT5VOg9FMFd+dRlsvT50O:eE4n89RopDdRo0O
Malware Config
Signatures
resource | yara_rule
behavioral2/memory/4144-0-0x0000000010000000-0x0000000010013000-memory.dmp | upx
behavioral2/memory/4144-1-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-2-0x0000000010000000-0x0000000010013000-memory.dmp | upx
behavioral2/memory/4144-3-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-4-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-5-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-6-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-7-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-8-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-9-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-10-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-11-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-12-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-13-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-14-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-15-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-16-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-17-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-18-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-19-0x0000000001390000-0x00000000013AC000-memory.dmp | upx
behavioral2/memory/4144-20-0x0000000010000000-0x0000000010013000-memory.dmp | upx
Suspicious use of SetWindowsHookEx (5 IoCs)
pid | Process
4144 | 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
4144 | 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
4144 | 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
4144 | 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe
4144 | 86043f3bdcc6a87942f085b84f14ddb2743a9cb8dceac772c76fb05440ffdf47.exe