Analysis
max time kernel: 142s
max time network: 158s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 21/04/2024, 23:43
Static task: static1
Behavioral task: behavioral1
  Sample: 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
  Resource: win10v2004-20240226-en
General
Target: 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
Size: 2.4MB
MD5: 094eedf44709ee36a916783c2a6b6115
SHA1: bdcaa69901a04add9a201dc75e65aa35b70c2433
SHA256: 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a
SHA512: d9959a17a13cfaa0602153a7838960ec20b334d0977eb3ef84edb02b41a6d4ea6ea40b0822832be8d06c0e0e35ffe68abd68abc6b6d52df2f6016ea58ce6a810
SSDEEP: 49152:3PQEDscc/83svZeE8qapnEK8qhIHMftqf9BXuMxqEB1zO:fQEDtc5ehYB1zO
Malware Config
Signatures
- Checks processor information in registry (2 TTPs, 2 IoCs)
  Processor information is often read in order to detect sandboxing environments.
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | 7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\7f0b3d0d4524d082931cb60f8af50fd99e8a7176fcc288dd17d7d8087eeb380a.exe"
  Signatures: Checks processor information in registry
  PID: 3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4172 --field-trial-handle=2264,i,15001568551143786084,90255922961447677,262144 --variations-seed-version /prefetch:8
  PID: 3684
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 6KB
  MD5: 27c7730d1bf9b5a678438359ac56eddc
  SHA1: 23dd832df9a03765922f8cf1ed2eaa98df897581
  SHA256: d1c6c0a327b57dbdf34808a142bec319b00dad91845964b0b595f5e0f265c33f
  SHA512: 9bb8c3078e6959efbcb63107bfaa6651b02352e9dd8337d1776434ecc57aee4ccaec16ea94cc474d22ee9dcb0fd6a1e2ed053d3ea473aa8d456ed4b9d13632ae
- Filesize: 14KB
  MD5: abc277dec763f57917fe3e507cf67934
  SHA1: c6ce04e425cd4da7c8e0dc756e87b5ce4886a87d
  SHA256: c27fdec76231f8e8e1fc7f4b57b7671062f5b26b915b7b646b9e50f67fcb776a
  SHA512: 6537219e5d229602bda620d813566d61f81e5591f84d45e5191773ce62b1db1469c6fc85783b37c86b32402128ff23fd1127c2eaeaf7296dbf5ea64520f0a0bb
- Filesize: 3KB
  MD5: cc02d759e5a6cb8e4f048f4d69d805f3
  SHA1: bb07e4b42c03d598547fa00b5ea26776dcf3b0fa
  SHA256: 1a633fcda074e7931fe791bfa99606cd410f04420922afe6c0c6ea4615b6c7a1
  SHA512: f7e16d4bef9fc7a0a8928cb64d271f5d0f54b5ba292c7d25ecdfce26d19c667f8535e8f23714d6c1ec39d9e91ea06f94434e59d02d488d35f91b1d46fafbc5f4
- Filesize: 3KB
  MD5: 019b7b7f21d9034c7dd8a9eae09d5f73
  SHA1: a6724e30a14575f860420a7db3ab573b1b1322fd
  SHA256: b4ad4d2dd7f8fa747ef1112f226416b9ef0cc16f57a5dd6225a38bc3c41e0681
  SHA512: 938355d630ae642b9a24fccd807d07e144714635289310bdb99d4717f38344bee339bba12ae52e35bc8243b257269efd0cc9bff72b82936e6298b9d729abd6fc