Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

299b93dc5f...ca.exe

windows7-x64

1

299b93dc5f...ca.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    299b93dc5f1303be7f4e84f2851fa5ca.exe

  • Size

    321KB

  • MD5

    299b93dc5f1303be7f4e84f2851fa5ca

  • SHA1

    5a6d8d8935f774db8e9f221762293f8551a7aa90

  • SHA256

    52ae16c2ccc9eaa7574da08457e0d0145a1ba7bc370278fca7bfebcc54612568

  • SHA512

    808c00fdf4f3b446a4432a9ff002ac73a9a8d020e953a89bc4fd02a5463779b387375a40f041b86ebf14f9479141e4c6425868b56d97fe58d3d27757cc8f7a66

  • SSDEEP

    6144:vEYZeuUNNxSF99TaIfe+QUvNrhyhkylc5iVjL4/LG8mzFhf4:JeuKNxSFz2IZz9yhkeQ/LGJzD4

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\299b93dc5f1303be7f4e84f2851fa5ca.exe
    "C:\Users\Admin\AppData\Local\Temp\299b93dc5f1303be7f4e84f2851fa5ca.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3740
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3740 -s 492
      2⤵
      • Program crash
      PID:3724
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3740 -ip 3740
    1⤵
      PID:3312

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3740-9-0x0000000002420000-0x0000000002430000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3740-10-0x0000000000400000-0x000000000051D000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3740-8-0x0000000075400000-0x00000000754F0000-memory.dmp

      Filesize

      960KB

      Download

    • memory/3740-7-0x0000000002290000-0x00000000022A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3740-6-0x0000000002420000-0x0000000002430000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3740-5-0x00000000022B0000-0x00000000022C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3740-4-0x00000000773E2000-0x00000000773E3000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3740-13-0x0000000000400000-0x000000000051D000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3740-15-0x0000000075400000-0x00000000754F0000-memory.dmp

      Filesize

      960KB

      Download

    • memory/3740-14-0x00000000021A0000-0x00000000021EE000-memory.dmp

      Filesize

      312KB

      Download

    • memory/3740-3-0x0000000002290000-0x00000000022A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3740-2-0x0000000000400000-0x000000000051D000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3740-1-0x00000000021A0000-0x00000000021EE000-memory.dmp

      Filesize

      312KB

      Download

    • memory/3740-0-0x0000000000990000-0x0000000000991000-memory.dmp

      Filesize

      4KB

      Download