Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Procmon.exe

windows10-2004-x64

8

Procmon64.exe

windows10-2004-x64

8

Procmon64a.exe

windows10-2004-x64

procmon.chm

windows10-2004-x64

1

Resubmissions

28/04/2024, 19:57

240428-ypq4cafg35 8

28/04/2024, 19:57

240428-yn71gaff99 8

Analysis

  • max time kernel
    24s
  • max time network
    29s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/04/2024, 19:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    procmon.chm

  • Size

    62KB

  • MD5

    713906de48013c249228d5ff19e333eb

  • SHA1

    dd3bb7d17ed0cdbb2696d0edcad608e1e297b315

  • SHA256

    9d9c7e0160537263c60c6ac0941e63f08fce23431aa4eb19acd25ee1e2be20ee

  • SHA512

    e40b2291b83584d0f0de624aada522805e260694ef66d48260cc472341feb108ca4d3256327386cfd956f8201dca53e095a47c7047ea8e0b54186577cf7d18e4

  • SSDEEP

    1536:PSTpJ9kUpFxvOoIAsWszoKZNZX+xzWmKS01vzWF2JI3ksF/S:yvLOoIA7BKfZOkmE1zk2J9x

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\procmon.chm
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1472

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads