Analysis
max time kernel: 20s
max time network: 100s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24/12/2023, 18:42
Static task: static1
Behavioral task: behavioral1
Sample: 0cb63e215731038dc64c0af8f4d12b70.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0cb63e215731038dc64c0af8f4d12b70.exe
Resource: win10v2004-20231215-en
General
Target: 0cb63e215731038dc64c0af8f4d12b70.exe
Size: 328KB
MD5: 0cb63e215731038dc64c0af8f4d12b70
SHA1: 6f037a75fa25877f928fad3dbdb21dc967e81dd0
SHA256: 28c54bf3f92960fcaac41ef5b6a124bf59b61d6345bbd7f688b248653a566d1e
SHA512: 314032aaac20b75d5d3b28b3a55a7811be816888bf5575b6fcaff4932bd2c88ccc424338b98233b12176ee441b9df05b3c4f2ef0fac6277d357c5b482317a267
SSDEEP: 3072:0aS1jxKgNx+uD7mEVSuekhGkYrQRVZq3eFo4ejLnlQISQLpyhZu6qyKT4pS04/FT:knNxd2WGk1Y3nmQcuyKT4wLOdud
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs): Attempts to interact with connected storage/optical drive(s).
Suspicious use of SetWindowsHookEx (1 IoCs): pid 4148, process 0cb63e215731038dc64c0af8f4d12b70.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 69KB
MD5: 2ce1dde0ee6a0962f2b242856b3697d1
SHA1: 23000c47c95ec8396e1bd39480d0e9e3080bf872
SHA256: 0f689b42d8828f09f5fdba0b6c621c1ef07f737d9ed3ab14de9bd5c5a42667b7
SHA512: 53cc46623acb1ecb993c50c9fb2312332993c55f6be3dc21b1726ef85ec286bc8ad89cac16883b58e86090ee6cef876b8540e80866ecc4365655d4f52eeff73f

Filesize: 5KB
MD5: 9e0d04318f10b1c93548327d40804cbe
SHA1: eb703cd09c5ee44440702d666ee59050c88f5209
SHA256: b2cb646b3bbb6ce0707386e360a2b0ccc9f4fe46b2997d8a2cbc5cb49e98b4c3
SHA512: 3672a2838295d3837abeb81d97203497162f23c3d6a6bf211e7026acdfe984126d3975df57de366c37e79376d4752a2c8b61fccf59a8d636344759a2fb33612e