Analysis
max time kernel: 148s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240704-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240704-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/07/2024, 04:05
Static task: static1

Behavioral task: behavioral1
Sample: 7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
Resource: win10v2004-20240704-en
General
Target: 7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
Size: 5.7MB
MD5: 278fdb7269bcaeb148f6707c7ce3d869
SHA1: b7028031b8e1fb8aa194c515b314c4d9e05718e5
SHA256: 7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f
SHA512: 92e69cd2b36995f00475e44c6fad92ca2ffe75c74fd2734a766a97325fc80f57094fb9190d6f98cc0ba845d145177717cce2bf1c58c81d808a0fa3bb053470ec
SSDEEP: 98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmGkVu:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85Q
Malware Config
Signatures

Suspicious behavior: EnumeratesProcesses (4 IoCs)
pid   Process
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe

Suspicious use of FindShellTrayWindow (1 IoCs)
pid   Process
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe

Suspicious use of SendNotifyMessage (1 IoCs)
pid   Process
2072  7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
Processes
C:\Users\Admin\AppData\Local\Temp\7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe
"C:\Users\Admin\AppData\Local\Temp\7076ad70211d1ef3b2d2043d6a7091afec4e57f6d9cb32e4a006786b72c1010f.exe"
PID: 2072
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Downloads