Analysis
- max time kernel: 148s
- max time network: 152s
- platform: windows10-2004_x64
- resource: win10v2004-20240611-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 25/06/2024, 17:27
Static task
- static1
Behavioral task
- behavioral1
- Sample: a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
- Resource: win7-20240221-en
Behavioral task
- behavioral2
- Sample: a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
- Resource: win10v2004-20240611-en
General
- Target: a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
- Size: 5.7MB
- MD5: f94a9131f449eb918f4dbeca0ddf1c3c
- SHA1: 62ce620a4c460bd8c426bd722e48e1097687cb62
- SHA256: a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b
- SHA512: f4e9a1f572e0a44bfc87c0d5b829c0d9584843f410729e1844443ec0bd1ecf5f59612146648deb5f89b296a04b98612408e5534181b8b0f4253dc677ffb73109
- SSDEEP: 98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmXkVE:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85n
Malware Config
Signatures
- Suspicious behavior: EnumeratesProcesses (4 IoCs)
  pid   Process
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
- Suspicious use of FindShellTrayWindow (1 IoCs)
  pid   Process
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
- Suspicious use of SendNotifyMessage (1 IoCs)
  pid   Process
  1080  a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
Processes
C:\Users\Admin\AppData\Local\Temp\a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe
"C:\Users\Admin\AppData\Local\Temp\a8847841699d6a52ac3f93de6cececb92468a8f71b7c7752247c00c04e6c310b.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID: 1080
Network
MITRE ATT&CK Matrix
Downloads