Analysis
max time kernel: 135s
max time network: 147s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 15/03/2024, 15:11
Static task: static1
  1 signature
Behavioral task: behavioral1
  Sample: cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
  Resource: win7-20240221-en
  2 signatures
  150 seconds
Behavioral task: behavioral2
  Sample: cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
  Resource: win10v2004-20240226-en
  2 signatures
  150 seconds
General
Target: cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
Size: 6KB
MD5: cbbb1ff8aa2f2d2e80b15b0b61230eba
SHA1: c0fada71d00ea717b00d5835d655fa1be567873c
SHA256: a2e99cae1b505231e520a53071df00d7ff35543a098c7cda13c58eeced0b9073
SHA512: 75a9c6582785249f22b427f82933751ddf6823d008442c8f5ee90e979f47550335a36a9a3d7afd0c9ae04baade2387f3d7eecb2f459276bf65f72b352f1002fb
SSDEEP: 96:KitvddyuBgtZXTDRMiImehLuq2p/KeNvTwi8434fwVzkJ:KiwuyX5Be5l2p/Kgwi8q4fwVzk
Score: 4/10
Malware Config
Signatures
Drops file in Windows directory (10 IoCs)
description | ioc | Process
File opened for modification | C:\Windows\dl.html | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\dlm.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\mssys.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\test | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\mstaskss.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\secure.html | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\reg33.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\dl.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\dlm.html | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
File opened for modification | C:\Windows\msstasks.exe | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe
Suspicious behavior: EnumeratesProcesses (36 IoCs)
pid | Process
5076 | cbbb1ff8aa2f2d2e80b15b0b61230eba.exe