Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/03/2024, 17:54

General

  • Target

    c683531d7932a96720f96c4f48d67f95.exe

  • Size

    759KB

  • MD5

    c683531d7932a96720f96c4f48d67f95

  • SHA1

    515b63618e4b413cd9c408b9e6a58899015a5707

  • SHA256

    07a6ae67dd87733a6c3a7b1f8ce364282308384959c4c0e770ce39973025f215

  • SHA512

    141e75c4f38e846b2aaa43fb3829f072c87d6afaa057dcc23db1d8a0609c85e405345cf05881ef56ff6d63f6503d63746e8093bba8bcc89a9b15fc6fdef3e7f4

  • SSDEEP

    12288:LH57IcJYi0AqhXWiVGT2LknaYWgu9Uuqgc5c0w34VlfiFAmxjfvuQ/6X6D:LH5Ec1qhXWsGTSkntWgu9UuqTc0LVlKN

Score
6/10

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c683531d7932a96720f96c4f48d67f95.exe
    "C:\Users\Admin\AppData\Local\Temp\c683531d7932a96720f96c4f48d67f95.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:4424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads