Analysis

  • max time kernel
    126s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/03/2024, 18:53

General

  • Target

    HtmlAgilityPack.pdb

  • Size

    311KB

  • MD5

    96c558a3508bdbe7eaabc84e50078e88

  • SHA1

    0a51832edd44061546afd14aff8c73919b324a45

  • SHA256

    39321f884f2a293df319da78523a1e78f799dd332b91f0bbb069b7db3e7422c7

  • SHA512

    2ccd5ca1d1733256bb2a9f81bff55cb4461e0429732db29b21949436d417a489a9feacf8f7d27dadeb70d26c6f066811a60599c25e5937783825c1f242ad509e

  • SSDEEP

    3072:FvoVOvLHMh1XEX9977p/SjdR80j4+5R5n15JDwK6R:ZvDeE9977ZYn88R5n15JDwV

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\HtmlAgilityPack.pdb
    1⤵
    • Modifies registry class
    PID:2280
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3024

Network

MITRE ATT&CK Enterprise v15
