Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

ItronFCSHelp.exe

windows7-x64

3

ItronFCSHelp.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 21:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ItronFCSHelp.exe

  • Size

    16.9MB

  • MD5

    bff90f501255354c42069acb063997da

  • SHA1

    c389e5b7b7702d029e6781814b65d9178f74a472

  • SHA256

    9ed1ea5db3055b2015d11317b42fd012cf2c3becde14349f577e070f2bc16e27

  • SHA512

    2512ce0ce3b7bcff4045e069066b07058b7567ac90f736a92c769f15dd64186f872deb8eaeae6096eb19c8e742b17e52d148d5735345402eb776604f752cc4b6

  • SSDEEP

    393216:fVkJ9Aw69W+gh98zIwA2WWv9QgZq7LUFFNLEN1A:nt9+hmTWXb7QLGLA

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ItronFCSHelp.exe
    "C:\Users\Admin\AppData\Local\Temp\ItronFCSHelp.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:496
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 496 -s 2296
      2⤵
      • Program crash
      PID:1040
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 496 -ip 496
    1⤵
      PID:4256

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/496-0-0x0000000000400000-0x0000000000A6D000-memory.dmp

      Filesize

      6.4MB

      Download

    • memory/496-1-0x0000000000C90000-0x0000000000C91000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-2-0x00000000028A0000-0x00000000028A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-3-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-5-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-6-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-7-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-8-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-9-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-4-0x0000000002910000-0x0000000002911000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-10-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-11-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-12-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-13-0x00000000765C0000-0x00000000765C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-14-0x0000000076C10000-0x0000000076C11000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-15-0x0000000077322000-0x0000000077323000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-16-0x0000000077280000-0x0000000077281000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-18-0x0000000076C20000-0x0000000076C21000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-19-0x0000000076370000-0x0000000076371000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-17-0x0000000077250000-0x0000000077251000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-20-0x0000000076360000-0x0000000076361000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-21-0x0000000076C00000-0x0000000076C01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-22-0x0000000076BF0000-0x0000000076BF1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-23-0x00000000765B0000-0x00000000765B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-24-0x00000000765A0000-0x00000000765A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-26-0x0000000076FC0000-0x0000000076FC1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-25-0x0000000076990000-0x0000000076991000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-27-0x0000000076FB0000-0x0000000076FB1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-28-0x0000000076FA0000-0x0000000076FA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-29-0x00000000770D0000-0x00000000770D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-30-0x00000000770C0000-0x00000000770C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-31-0x0000000077260000-0x0000000077261000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-32-0x0000000076BE0000-0x0000000076BE1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-33-0x0000000076BD0000-0x0000000076BD1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-34-0x0000000076BA0000-0x0000000076BA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-36-0x0000000076FD0000-0x0000000076FD1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-35-0x0000000077290000-0x0000000077291000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-37-0x0000000077270000-0x0000000077271000-memory.dmp

      Filesize

      4KB

      Download

    • memory/496-38-0x00000000050D0000-0x000000000517F000-memory.dmp

      Filesize

      700KB

      Download

    • memory/496-49-0x0000000006BE0000-0x000000000701C000-memory.dmp

      Filesize

      4.2MB

      Download

    • memory/496-51-0x0000000007020000-0x000000000705B000-memory.dmp

      Filesize

      236KB

      Download

    • memory/496-55-0x0000000007060000-0x00000000070A7000-memory.dmp

      Filesize

      284KB

      Download

    • memory/496-57-0x00000000070B0000-0x00000000071AA000-memory.dmp

      Filesize

      1000KB

      Download

    • memory/496-59-0x00000000071D0000-0x000000000724E000-memory.dmp

      Filesize

      504KB

      Download

    • memory/496-61-0x0000000007880000-0x0000000007887000-memory.dmp

      Filesize

      28KB

      Download

    • memory/496-54-0x00000000051C0000-0x00000000051D9000-memory.dmp

      Filesize

      100KB

      Download

    • memory/496-63-0x0000000000400000-0x0000000000A6D000-memory.dmp

      Filesize

      6.4MB

      Download