Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0ad3588535...ac.exe

windows7-x64

10

0ad3588535...ac.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    3s
  • max time network
    116s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ad35885356beb5f38b93d80742bcaac.exe

  • Size

    156KB

  • MD5

    0ad35885356beb5f38b93d80742bcaac

  • SHA1

    2ba83bd0b25f777ec79c2151f6e8f104cf37422d

  • SHA256

    8790f44becd20cc8c802469e1eada27d8697f8c572c488a8e38ccdd932c51b2f

  • SHA512

    7b178e97e348b434afb781249ccf3dc81d91d8673d699a0c8ff896be21077bca31996a1ed06422ca8ac50ee0455349917847fb21fb1f53f1f268eedc006f07bc

  • SSDEEP

    3072:DpJb4FgyqTRlU3NhCBvu9pjZEwDxdr8Jree:9J9Rl+NhwWrjuwDQN

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ad35885356beb5f38b93d80742bcaac.exe
    "C:\Users\Admin\AppData\Local\Temp\0ad35885356beb5f38b93d80742bcaac.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4828
    • C:\Users\Admin\xooob.exe
      "C:\Users\Admin\xooob.exe"
      2⤵
        PID:548

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\xooob.exe
      Filesize

      16KB

      MD5

      d2b2163c6e92c29524da28e8a2e2b834

      SHA1

      fa06f7e318877b2639f54981ee23bc469b2add03

      SHA256

      609d706e62ce4e7055aa3ce56d2829ce180930ddda7634d4a634154d68ee3c42

      SHA512

      bbc8cbe307cf6b4ec83099bb0daab958139af59a65c67cad3ffa3f38d6b078d7a2177b9327e138837afcfddb431175a11820d2b0c76eaa7e76236056c7ea73a8

      Download Submit

    • C:\Users\Admin\xooob.exe
      Filesize

      14KB

      MD5

      d3e70caeb320a93847f47d42cc7959d7

      SHA1

      e300baf4bf80e6ef50d9da0f9b58fc7d0fdb54f0

      SHA256

      85dc8dc3483dd6135bc2a6064d18a715ceae570ef15d08facec52bcb83cef819

      SHA512

      40ed3f895a44928cd8c01913ef1b147bd65f7c76e5de39a07867a916eb8a01793c205aabfd7ec1406cd67682039f506acf5f01dd2372ffa83954ec7f7fe8f1da

      Download Submit

    • C:\Users\Admin\xooob.exe
      Filesize

      39KB

      MD5

      6ad2e5d05da0699bd3ddd3bdc65ba17b

      SHA1

      e2ac1c2d8f36955517bf5a28440f969959124bf2

      SHA256

      aefef2b540ed08e02171b806b6a7cdcb85aa8f13e18a3c58c38e29d64cfb97ba

      SHA512

      c78e66cc05380127c4ed157fb51d0ab962aa47115f9b22007c37a655a847dc33f8fc01dac6002851ab262257de1dc1f9caf41b33fdd873d0e3b97376318fd743

      Download Submit