Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

AntivirusD...in.zip

windows11-21h2-x64

1

AntivirusD...ibutes

windows11-21h2-x64

3

AntivirusD....0.lnk

windows11-21h2-x64

3

AntivirusD...ICENSE

windows11-21h2-x64

1

AntivirusD...DME.md

windows11-21h2-x64

3

AntivirusD...ST.exe

windows11-21h2-x64

1

AntivirusD...fw.dll

windows11-21h2-x64

1

Resubmissions

08/07/2024, 11:05

240708-m639fsyaph 4

08/07/2024, 11:00

240708-m359msxhrf 3

08/07/2024, 10:54

240708-mzmm5avgrj 3

08/07/2024, 10:49

240708-mw431axfra 7

08/07/2024, 10:46

240708-mtxwxaxfjc 3

08/07/2024, 10:42

240708-mrn6zsxekb 7

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240704-en
  • resource tags

    arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    08/07/2024, 10:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AntivirusDefender8.0-main.zip

  • Size

    34KB

  • MD5

    5c90630ffc59f7c9177238825bd053b5

  • SHA1

    1169dcec468c24a74e774405e570dc6c4916825e

  • SHA256

    1ee3788918d34886873b12b45d7723e64eebe81cd117dbbf95f75fb99b38ea2d

  • SHA512

    0ef1e0c24ca9001a30476eaa640ef3b36890af790e6a45d92fcae42436f80bc5039000c0e37101632e8cb890e4faef8de34cd3541e38e9c1527d812c3a357162

  • SSDEEP

    768:QDbFz8pPHib6SEJWNsjj45uY9FZ4nPl1SItgKb:QVwviSljj4VJOOapb

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\AntivirusDefender8.0-main.zip
    1⤵
      PID:1072
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:3976
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:568

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
        Filesize

        10KB

        MD5

        e19443d741352f2c73f66c679777f9dc

        SHA1

        2b4ed27817e6fc415e05a85bcef8da4040b0cb43

        SHA256

        08116a60365031617b4167b5bb1e8500ebc821ef4c9ab4d0616a136c997abaa1

        SHA512

        381e522015a59f34a33fd9c2476aa88b3ae06e3f0d090a847e3fd7c579c166527c3e5da9ccfde3cbe4a09fb2e0738d4fd8bea943ee1e1de12f244df16713a0d1

        Download Submit