Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
91s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
24/02/2024, 04:12
General
-
Target
e49e68796fded179646edc38587d2104.exe
-
Size
386KB
-
MD5
e49e68796fded179646edc38587d2104
-
SHA1
c8d4bba2176abe2944cfc13783e59f12d029bde4
-
SHA256
0a4825adbc2a6c3a148eaee202deb8c4d4c5e357824b1d9c3dcb824a6f2f6399
-
SHA512
fff888f111f04b22f3030dad1937475a709d1ef5417e977a0059ed48161ad088808d66bb57d74236fe72d2a87e0f235c7e7fd01b31bb611d35bfd85b07726a8c
-
SSDEEP
12288:9plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:fxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e49e68796fded179646edc38587d2104.exe"C:\Users\Admin\AppData\Local\Temp\e49e68796fded179646edc38587d2104.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Synthesis\Composition.exe"C:\Program Files\Synthesis\Composition.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
387KB
MD51300c875ac028e0560d08ab1919ab2bd
SHA17bce07958ece0f98b70f3e49f92e4064e8cce5db
SHA2568b86e007cf6490f466e59323e391ae20f0fb01ae5b53d07e4f3e0d36de2f6066
SHA51277ce9b81370d786fcc2a2436e82f5e88280d3f8e77d0fd5a0a2c1ed8184a951ae2bb6d84e51f3eb093ec2334e7aaa4c5693524765c024674b0c43dee16e7dc74