Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
128s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
30/12/2023, 07:28
General
-
Target
12255519906f8e866bec93da7a1a3794.exe
-
Size
58KB
-
MD5
12255519906f8e866bec93da7a1a3794
-
SHA1
d539c3b58dcef517cf7f4175431716e18723596a
-
SHA256
b9e21cf406067cab25e3f3ffa75d36f64990ed4ec9cee093caa862d92ac74d31
-
SHA512
ec7bb0845fd15d26cf93742f27dcb967c6b679c1608875120eda8b809566db8dd70204b494e5fe7fb9d6f33f3480990ddd00996b7b7fe88d69e8179778313d2a
-
SSDEEP
768:1zxzTK0TzGEabuRixyRVMkLOZM1KRgcxlPnJzAN7W1+ZhVSpHGStXxUe+WL8on:1zTL/RiofLOO10dHnZ8WAZhwpHxrsLQ
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in System32 directory 4 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\12255519906f8e866bec93da7a1a3794.exe"C:\Users\Admin\AppData\Local\Temp\12255519906f8e866bec93da7a1a3794.exe"1⤵
- Adds Run key to start application
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\iexplore.exeC:\Windows\system32\iexplore.exe2⤵
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
58KB
MD512255519906f8e866bec93da7a1a3794
SHA1d539c3b58dcef517cf7f4175431716e18723596a
SHA256b9e21cf406067cab25e3f3ffa75d36f64990ed4ec9cee093caa862d92ac74d31
SHA512ec7bb0845fd15d26cf93742f27dcb967c6b679c1608875120eda8b809566db8dd70204b494e5fe7fb9d6f33f3480990ddd00996b7b7fe88d69e8179778313d2a
-
Filesize
172KB
-
Filesize
172KB
-
Filesize
172KB
-
Filesize
172KB