Analysis
- max time kernel: 149s
- max time network: 151s
- platform: windows10-2004_x64
- resource: win10v2004-20240226-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 07/04/2024, 23:23
Static task: static1
Behavioral task: behavioral1
- Sample: 90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe
- Resource: win10v2004-20240226-en
General
- Target: 90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe
- Size: 299KB
- MD5: cc10d0a30fc1c5c2312627ff7141cb43
- SHA1: 00fa2020be4293e95b0666b5435f1b3f76ccea89
- SHA256: 90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e
- SHA512: 7891fb75c01e88c47b8d065daff7d3f9963a116334ce15369ca19f04943a7655172ce9924645fb698ea062558365238e839f70f41421f10ef92eb7bf48c7e553
- SSDEEP: 6144:xbF3pSw85DxsoKrlrPE3TtaoybMSeLng4T8:xB3/YxsoKrlriTpSeLndT8
Malware Config
Signatures
- Modifies AppInit DLL entries (2 TTPs)
- Executes dropped EXE (1 IoC)
  - PID 4648, process hdxpvzc.exe
- Drops file in Program Files directory (2 IoCs)
  - File created: C:\PROGRA~3\Mozilla\hdxpvzc.exe, by process 90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe
  - File created: C:\PROGRA~3\Mozilla\ydmvyrg.dll, by process hdxpvzc.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe
  - Command line: "C:\Users\Admin\AppData\Local\Temp\90eaffceff842f9a1f1eef8fb84e5d1f995a1592c371e039fc90b42754aded8e.exe"
  - Drops file in Program Files directory
  - PID: 1980
- C:\PROGRA~3\Mozilla\hdxpvzc.exe
  - Command line: C:\PROGRA~3\Mozilla\hdxpvzc.exe -ilrweca
  - Executes dropped EXE
  - Drops file in Program Files directory
  - PID: 4648
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 299KB
- MD5: 21fceeeb79c4537a82fcebdaab3f2a6d
- SHA1: 24ce807092fe76471ec279c2de41f6cea58083e4
- SHA256: f4eacfa110eef9f6b53e636f632f310cc6bc20add3d585661a9268e52817164d
- SHA512: 2907082264318776cb1b6d8db90ddbc405f705768275f52933f29604256f1abc924b0e24f5ee11b1214983f6e66f0b271de17e881ac530e879169de2423cc2f6