Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

hdsentinel_setup.exe

windows10-2004-x64

4

Resubmissions

23/02/2024, 15:39

240223-s3ve2add2v 7

23/02/2024, 15:38

240223-s2167acd44 4

23/02/2024, 15:27

240223-sv2jdada91 7

Analysis

  • max time kernel
    1796s
  • max time network
    1490s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/02/2024, 15:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hdsentinel_setup.exe

  • Size

    34.9MB

  • MD5

    67b62d83ac137b6a32127508c22214f9

  • SHA1

    8a805eab8b5cb6c40db0c771ceb9f56bf4285b94

  • SHA256

    df8615fa9e63f9d1b471191c074f93cf9ad7fafe6beb3d7d6a45183437eb3fa5

  • SHA512

    cc7f44d9189660f02989c2e80ca303dedde89423a07ea3aaa0b2b86f75f9fae31bdc1c7040052ef72266ea4f1355de24ed491583e5949de1828a347dd0eb94ae

  • SSDEEP

    786432:VK0zdW6/Z5TqkNJmnJ6yLWzrFGRbLyT/uyymbU7Q:7zV/ZNqkaJ64WzrKGz/bUM

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hdsentinel_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\hdsentinel_setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4588
    • C:\Users\Admin\AppData\Local\Temp\is-3OFCG.tmp\hdsentinel_setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-3OFCG.tmp\hdsentinel_setup.tmp" /SL5="$A0064,36281122,68608,C:\Users\Admin\AppData\Local\Temp\hdsentinel_setup.exe"
      2⤵
      • Executes dropped EXE
      PID:408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-3OFCG.tmp\hdsentinel_setup.tmp
    Filesize

    713KB

    MD5

    2cb8feb34a1e6539a06d139797824ede

    SHA1

    2272674fa25fcec6478166d6eff7bb3ca5f529c2

    SHA256

    ad0079154c705680d2e3ebf591e0d9bfc75d007d124b461ca8ef6fcf4a8063b4

    SHA512

    0ed3088384880aa7c4340db35e6847aeb2d425aadc24f5d1b241b1685681108132b7a45505968ea13c80829a40ead72b528e91be1f1a03d79940bf1a19c43883

    Download Submit

  • memory/408-7-0x0000000002350000-0x0000000002351000-memory.dmp

    Filesize

    4KB

    Download

  • memory/408-14-0x0000000000400000-0x00000000004C0000-memory.dmp

    Filesize

    768KB

    Download

  • memory/408-17-0x0000000002350000-0x0000000002351000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4588-0-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4588-2-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4588-13-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download