Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

aead5f8a50...e5.exe

windows7-x64

9

aead5f8a50...e5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/05/2024, 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aead5f8a50a452f64f8dc540ae9b1c6d3457479196e4d59f5bb2fceaf6a617e5.exe

  • Size

    5.7MB

  • MD5

    f4ab1f3cd0b25046a92f9a5e3ee685c8

  • SHA1

    bad6466cf662a305665ac3dc83e346f809f25d76

  • SHA256

    aead5f8a50a452f64f8dc540ae9b1c6d3457479196e4d59f5bb2fceaf6a617e5

  • SHA512

    c23894c7566ceeff1107f05d296ddebf980eb36cc2862fac992d3f0166e73775bac2aaa1a5d6ea96f676c6cb21baa56b23d3dc52f131870acb7515b5ca963705

  • SSDEEP

    98304:j/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmYkV2:mMD+cpvJ/4H3nmghWoa/fsysMF4JD85S

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aead5f8a50a452f64f8dc540ae9b1c6d3457479196e4d59f5bb2fceaf6a617e5.exe
    "C:\Users\Admin\AppData\Local\Temp\aead5f8a50a452f64f8dc540ae9b1c6d3457479196e4d59f5bb2fceaf6a617e5.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4684
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=2668,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=3864 /prefetch:8
    1⤵
      PID:4728

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
      Filesize

      652B

      MD5

      ac3caefd7d973cbed59e575e1fdb1dc9

      SHA1

      1a72a4d449d0b14a4ce837678a7bc0411e36bece

      SHA256

      44f114e1faf14de28e4b299a825ffa3ee7593e67f9b072df2f695aeb345d12c1

      SHA512

      aa255077a9ee88a7f72427a0fa5a46829acb29dbd59ebf62ed1468f1cd44ae0b7d10dbea4054620df44e7851a73e7ded4524935de89971010161e8035fe2f9c5

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
      Filesize

      15KB

      MD5

      2a6f78a464921979a27b65a2113b6743

      SHA1

      45f91e325fdcbdad931be11a7f93327c5f6ff927

      SHA256

      cac94cb6dac5bf7d91e3c4cb96e5224dc252ed2dcb8397a320adcda18dca3f76

      SHA512

      bd38f812c244aebb8e4ca3c5e8532fe7801db21b2318a563d045194fa0b59b41c4bfb2d59567d92d13eed293de6026cf7ad2c13983fef2654bfd953b80328dab

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
      Filesize

      310B

      MD5

      b0d07dcf28b0afae831f38e917a17315

      SHA1

      d5567bee1a0fb9ec070fe432ad8c7c3d4f1fca8b

      SHA256

      919f6f0ae0f602b9ee779b7b425d330474f84a9975a287b43eda0ec2c712c618

      SHA512

      0d0df28648f31c27556f6b219855f4b349affc3d1cbe2b509de0176c4062857afe9487f7a547fbd869a209d52072b4e1b18aee7a173292260e4f6a36cce95de8

      Download Submit