Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

hrdcktbq/�...��.doc

windows7-x64

4

hrdcktbq/�...��.doc

windows10-2004-x64

1

hrdcktbq/补丁.exe

windows7-x64

1

hrdcktbq/补丁.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/06/2024, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hrdcktbq/补丁.exe

  • Size

    572KB

  • MD5

    4f23224608c7c37f1689107ac1f1e25e

  • SHA1

    4aee649fa704e85873fa7d4e4313a894b0704062

  • SHA256

    0d481d9450c6b0ca3d37d33e4b2eb2e2969dc2415ef43850c36bee296179d36b

  • SHA512

    1d6dc57b327a84ed280f9eb159ea5b05e8c7e6771be0a32458849039a2bece28847c3eb646723c7721e1ffb7681d0d52efab3842e3a8a045f56224691485c8a4

  • SSDEEP

    6144:N7U8DVZaVLr3XlLVVWOQ8A9QDWi3ZfYIOcsSYyy6akJQJcpiSMbPNYI0HK:Nz0r3pfWOQ8I0my8yyXR6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hrdcktbq\补丁.exe
    "C:\Users\Admin\AppData\Local\Temp\hrdcktbq\补丁.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads