Analysis
max time kernel: 1s
max time network: 119s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
submitted: 05/01/2024, 20:47
Static task: static1
Behavioral task: behavioral1
  Sample: 4467c915ef1e9e9987fac25aa866d64c.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 4467c915ef1e9e9987fac25aa866d64c.exe
  Resource: win10v2004-20231222-en
General
Target: 4467c915ef1e9e9987fac25aa866d64c.exe
Size: 1021KB
MD5: 4467c915ef1e9e9987fac25aa866d64c
SHA1: ea264148ce1a4bac27ce1f88d8e385136c0cc06b
SHA256: 4aaec88de49fb87e7d1896934b3689de14140fc6730acd5681a6bc6e5199c839
SHA512: ad19fd4c73b86246d696a3559aa34f330703a701372c95b233ce86afa4ff8389748de97eccf00da736db10d7c071b24093b59a4bafde4ee6b00a4310958f7b88
SSDEEP: 24576:X5Hgh7n1tQxOGwpFl4fo0bl6ZOIVSxwP6+h:X5Ah7Q8VWXkZowy+
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Suspicious behavior: EnumeratesProcesses (4 IoCs)
pid   Process
5076  4467c915ef1e9e9987fac25aa866d64c.exe
5076  4467c915ef1e9e9987fac25aa866d64c.exe
5076  4467c915ef1e9e9987fac25aa866d64c.exe
5076  4467c915ef1e9e9987fac25aa866d64c.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
pid   Process
5076  4467c915ef1e9e9987fac25aa866d64c.exe
5076  4467c915ef1e9e9987fac25aa866d64c.exe