Analysis
- max time kernel: 142s
- max time network: 155s
- platform: windows11-21h2_x64
- resource: win11-20240221-en
- resource tags: arch:x64 arch:x86 image:win11-20240221-en locale:en-us os:windows11-21h2-x64 system
- submitted: 28/02/2024, 23:47
Static task
static1
Behavioral task
behavioral1
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dock_64.exe
Resource
win11-20240221-en
Behavioral task
behavioral2
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dockmod32_update.dll
Resource
win11-20240221-en
Behavioral task
behavioral3
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dockmod64_update.dll
Resource
win11-20240221-en
Behavioral task
behavioral4
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dockmod64_update.exe
Resource
win11-20240221-en
Behavioral task
behavioral5
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dockmod64arm_update.dll
Resource
win11-20240221-en
Behavioral task
behavioral6
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Dockmod_update.exe
Resource
win11-20240221-en
Behavioral task
behavioral7
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Mydock_update.exe
Resource
win11-20240221-en
Behavioral task
behavioral8
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/ScreenRound.exe
Resource
win11-20240221-en
Behavioral task
behavioral9
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Temperature.exe
Resource
win11-20240221-en
Behavioral task
behavioral10
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/UiAccess.exe
Resource
win11-20240221-en
Behavioral task
behavioral11
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/Microsoft.Graphics.Canvas.dll
Resource
win11-20240221-en
Behavioral task
behavioral12
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/concrt140.dll
Resource
win11-20240221-en
Behavioral task
behavioral13
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/concrt140_app.dll
Resource
win11-20240221-en
Behavioral task
behavioral14
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140.dll
Resource
win11-20240221-en
Behavioral task
behavioral15
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140chs.dll
Resource
win11-20240221-en
Behavioral task
behavioral16
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140cht.dll
Resource
win11-20240221-en
Behavioral task
behavioral17
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140deu.dll
Resource
win11-20240221-en
Behavioral task
behavioral18
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140enu.dll
Resource
win11-20240221-en
Behavioral task
behavioral19
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140esn.dll
Resource
win11-20240221-en
Behavioral task
behavioral20
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140fra.dll
Resource
win11-20240221-en
Behavioral task
behavioral21
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140ita.dll
Resource
win11-20240221-en
Behavioral task
behavioral22
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140jpn.dll
Resource
win11-20240221-en
Behavioral task
behavioral23
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140kor.dll
Resource
win11-20240221-en
Behavioral task
behavioral24
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140rus.dll
Resource
win11-20240221-en
Behavioral task
behavioral25
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140u.dll
Resource
win11-20240221-en
Behavioral task
behavioral26
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfcm140.dll
Resource
win11-20240221-en
Behavioral task
behavioral27
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfcm140u.dll
Resource
win11-20240221-en
Behavioral task
behavioral28
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/msvcp140.dll
Resource
win11-20240221-en
Behavioral task
behavioral29
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/msvcp140_1.dll
Resource
win11-20240221-en
Behavioral task
behavioral30
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/msvcp140_1_app.dll
Resource
win11-20240221-en
Behavioral task
behavioral31
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/msvcp140_2.dll
Resource
win11-20240221-en
Behavioral task
behavioral32
Sample
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/msvcp140_2_app.dll
Resource
win11-20240221-en
General
-
Target
MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/Mydock_update.exe
-
Size
227KB
-
MD5
0c2e74cc58c765c7f0637b0d7b5ac085
-
SHA1
8df10a145877575a2d7e3eaeafa411c652391ecc
-
SHA256
2a06d0767f2065279f776f6f1cb1a57b40e76ecbade422296d8dcb38c99b6c1f
-
SHA512
22e4cfdb0015370574e6bf4bb3764bbb223feee8062eca1b618e657b1ede1717dd1424373a94a4d811e98bf22f5b95df926f4af2b36884c2c456f82b42eeb550
-
SSDEEP
3072:B7KQB6eV4fyVV0j/n9N5rlLa4RQQhePxNIknxaGEVddVcVvQczix2czcxX:tKc6fV9zhbTcaxdIVQKfKE
Malware Config
Signatures
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
- Suspicious behavior: EnumeratesProcesses (22 IoCs)
  pid   Process            entries
  1192  Mydock_update.exe  2
  2032  Dock_64.exe        20
- Suspicious behavior: RenamesItself (1 IoCs)
  pid   Process
  2032  Dock_64.exe
- Suspicious use of AdjustPrivilegeToken (3 IoCs)
  description                       pid   Process
  Token: SeDebugPrivilege           2032  Dock_64.exe
  Token: SeShutdownPrivilege        2032  Dock_64.exe
  Token: SeCreatePagefilePrivilege  2032  Dock_64.exe
- Suspicious use of FindShellTrayWindow (2 IoCs)
  pid   Process            entries
  2032  Dock_64.exe        2
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid   Process            entries
  2032  Dock_64.exe        2
- Suspicious use of WriteProcessMemory (5 IoCs)
  description                       pid   Process            procid_target
  PID 1192 wrote to memory of 268   1192  Mydock_update.exe  81
  PID 1192 wrote to memory of 268   1192  Mydock_update.exe  81
  PID 1192 wrote to memory of 268   1192  Mydock_update.exe  81
  PID 4704 wrote to memory of 2032  4704  explorer.exe       85
  PID 4704 wrote to memory of 2032  4704  explorer.exe       85
Processes
- C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\Mydock_update.exe (PID: 1192)
  Command line: "C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\Mydock_update.exe"
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  Child process:
  - C:\Windows\SysWOW64\explorer.exe (PID: 268)
    Command line: "C:\Windows\System32\explorer.exe" C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\dock_64.exe
- C:\Windows\explorer.exe (PID: 4704)
  Command line: C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
  - Suspicious use of WriteProcessMemory
  Child process:
  - C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\Dock_64.exe (PID: 2032)
    Command line: "C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\Dock_64.exe"
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious behavior: RenamesItself
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads