Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
29/01/2024, 13:44
General
-
Target
KDocks.exe
-
Size
427KB
-
MD5
73231e8612e3955b328528efda1b33c8
-
SHA1
e6f3c4ce06365cb18141105e9c163f3d01db22c7
-
SHA256
ff83005725b53746345cb92ffd49a49458325e4fc757248923a034d95804759f
-
SHA512
597dd7c9e4576e8db7ac98c9d6c366702d1d3c4e3bf410ed7fa9015211e9610fb9627ef4820373a5101e2b8b406d477a8974beee7e102d33807cbeec15833a5f
-
SSDEEP
12288:ECybNrrHyjWTa2wc4TXtUkAhZgT6+DzgNw:qdrS5kGtdFG
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 8 IoCs
-
Suspicious use of SendNotifyMessage 6 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\KDocks.exe"C:\Users\Admin\AppData\Local\Temp\KDocks.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx