Analysis
max time kernel: 144s
max time network: 147s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25/12/2023, 15:32
Static task
static1
1 signatures

Behavioral task
behavioral1
Sample: 299b93dc5f1303be7f4e84f2851fa5ca.exe
Resource: win7-20231215-en
1 signatures
150 seconds

Behavioral task
behavioral2
Sample: 299b93dc5f1303be7f4e84f2851fa5ca.exe
Resource: win10v2004-20231222-en
2 signatures
150 seconds

General
Target: 299b93dc5f1303be7f4e84f2851fa5ca.exe
Size: 321KB
MD5: 299b93dc5f1303be7f4e84f2851fa5ca
SHA1: 5a6d8d8935f774db8e9f221762293f8551a7aa90
SHA256: 52ae16c2ccc9eaa7574da08457e0d0145a1ba7bc370278fca7bfebcc54612568
SHA512: 808c00fdf4f3b446a4432a9ff002ac73a9a8d020e953a89bc4fd02a5463779b387375a40f041b86ebf14f9479141e4c6425868b56d97fe58d3d27757cc8f7a66
SSDEEP: 6144:vEYZeuUNNxSF99TaIfe+QUvNrhyhkylc5iVjL4/LG8mzFhf4:JeuKNxSFz2IZz9yhkeQ/LGJzD4
Score: 3/10
Malware Config
Signatures

Program crash (1 IoCs)
pid   pid_target  Process       procid_target
3724  3740        WerFault.exe  14

Suspicious use of SetWindowsHookEx (1 IoCs)
pid   Process
3740  299b93dc5f1303be7f4e84f2851fa5ca.exe

Processes
"C:\Users\Admin\AppData\Local\Temp\299b93dc5f1303be7f4e84f2851fa5ca.exe" (PID: 3740)
  - Suspicious use of SetWindowsHookEx
  C:\Windows\SysWOW64\WerFault.exe -u -p 3740 -s 492 (PID: 3724)
    - Program crash
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3740 -ip 3740 (PID: 3312)