Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

45c52fe9a3...d3.exe

windows7-x64

1

45c52fe9a3...d3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    125s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/06/2024, 03:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    45c52fe9a3f07c701c3d2e7a8c33f693f4f39680f1231e058ea3a8c19190c9d3.exe

  • Size

    5.3MB

  • MD5

    71aebd02397e5c0320a88bf1418b13c4

  • SHA1

    e94631ff1b0836c14f60e83c7f6f6050b5352481

  • SHA256

    45c52fe9a3f07c701c3d2e7a8c33f693f4f39680f1231e058ea3a8c19190c9d3

  • SHA512

    da98d8655fcc349fa4a42a6f02268525e0f726dfdfa7a38d4bc4aaf81cf43dc937c8e880416f5bba654e5284f2d271556e6fe7e10a74dab649dd14cb4d0ce321

  • SSDEEP

    98304:M5+hR+hwgpPfvB9E/J0vfkB8KiWxEB8KiWx/FLOAkGkzdnEVomFHKnP:M5Fpp9tvfkBdiWxEBdiWx/FLOyomFHKP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\45c52fe9a3f07c701c3d2e7a8c33f693f4f39680f1231e058ea3a8c19190c9d3.exe
    "C:\Users\Admin\AppData\Local\Temp\45c52fe9a3f07c701c3d2e7a8c33f693f4f39680f1231e058ea3a8c19190c9d3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2552
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4200,i,10373433614523925616,13586256558317053467,262144 --variations-seed-version --mojo-platform-channel-handle=4268 /prefetch:8
    1⤵
      PID:1740

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\vst5.ini
      Filesize

      15B

      MD5

      23347144883b17fa1e428c4cba6785a2

      SHA1

      3c19b5acfd7a6f6ab7c601e9917d0e423964af50

      SHA256

      e9147d7883710af6118132b1a6f683e51d4e4e0b3192c98bd66bc30bac2f7212

      SHA512

      d7bfd9642b762857a9b4755f5fec513279054805b2420296781bebe21fe5ef323dd848ee9fa0f0333e238b470f54500c214e8c221454d436f37deb58f629472e

      Download Submit