Analysis

  • max time kernel
    3s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/12/2023, 16:54

General

  • Target

    0330e56d9934c003d980696886140aee.exe

  • Size

    136KB

  • MD5

    0330e56d9934c003d980696886140aee

  • SHA1

    186597eef866aea398aea03115bb6dc618c5ba70

  • SHA256

    7376ffc4a3697f8739762e401e785d0235ec04d953ec2ca0418e7fce4f48464d

  • SHA512

    bc0af45e86bac36bace32ed125db5598dee21d59d786a48b93e30052f8aabb5a8595861e1cb31a780d37c5e11aff209fc43d909c947670b692a54e17658459e1

  • SSDEEP

    3072:BmonwjBfQn7WbIqH0ybZBiOllyEmcP82+aVdOt66VGegmv:BmFQn7WbIqH0ybZBiOllyE5D+aVkjseN

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0330e56d9934c003d980696886140aee.exe
    "C:\Users\Admin\AppData\Local\Temp\0330e56d9934c003d980696886140aee.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3076
    • C:\Users\Admin\cooocow.exe
      "C:\Users\Admin\cooocow.exe"
      2⤵
        PID:2956
