Analysis
max time kernel: 150s
max time network: 163s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 14/01/2024, 13:49
Static task
static1
Behavioral task
behavioral1
Sample
5b669bf34f09ae4e9306e5e621bb8c45.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5b669bf34f09ae4e9306e5e621bb8c45.exe
Resource
win10v2004-20231215-en
General
Target: 5b669bf34f09ae4e9306e5e621bb8c45.exe
Size: 64KB
MD5: 5b669bf34f09ae4e9306e5e621bb8c45
SHA1: f9a25261a8903f0c0b994088eb4b1b7da6cb8d3a
SHA256: 8826eb1a4d090b28158fb8999082704695d89f108fbbe44290880a6beb85c926
SHA512: 70c364d613f3be9d70bd83d454aacc902ca727aa08a404f135fe10b38cd0294a9b4293f811f6bfe51b7a2cbceea3cb08e483a4758f54dca8487dc53f5cada31e
SSDEEP: 768:TQeSNDTqQxuptHIouOE9x9TvLulLV0qPj8zA/Zb0BNLaIoAwozUilLMIpNiWjPVN:8Dfko5O4xafpjXY7WWlYIpNieV
Malware Config
Signatures
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process
4328 5b669bf34f09ae4e9306e5e621bb8c45.exe