Analysis
max time kernel: 23s
platform: windows11-21h2_x64
resource: win11-20240426-en
resource tags: arch:x64, arch:x86, image:win11-20240426-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 25/05/2024, 23:45
Static task
static1: 1 signatures
Behavioral task
behavioral1: Sample Frost.exe, Resource win11-20240426-en, 2 signatures, 150 seconds
General
Target: Frost.exe
Size: 164KB
MD5: a2cc9208e378127a28374ea4a9d11768
SHA1: a1a78cac58651b33cc2cc1df11e8fcf677dcc505
SHA256: ccef6ac06941ca93eb7fbf653b95bec478fbe6cf2513482644b2fddb01f79b3c
SHA512: c424040141e4ce9264417526fd21a1eee40264a831c37e47311035f559fb617ad429d811c0d71cd5f0189ee9a163e84673c53a567bbaab0c38a04652c780c9aa
SSDEEP: 3072:xczkitvo4BpYN/6mBPry8TXROLdW5m4mUR59OOGs0kGXpDE2kb:xA4NCmBPry/N2lOO1iE
Score: 1/10
Malware Config
Signatures
Modifies registry class (1 IoCs)
  description: Key created
  ioc: \REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings\MuiCache
  Process: MiniSearchHost.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 2176
  Process: MiniSearchHost.exe
Processes
C:\Users\Admin\AppData\Local\Temp\Frost.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\Frost.exe"
  PID: 4940
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
  Command line: "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
  PID: 2176
  Signatures: Modifies registry class; Suspicious use of SetWindowsHookEx