Analysis
- max time kernel: 148s
- max time network: 153s
- platform: windows10-2004_x64
- resource: win10v2004-20240709-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 29/07/2024, 08:03
Static task
- static1: 1 signatures
Behavioral task
- behavioral1: Sample 参会人名单.cisri.exe, Resource win7-20240704-en, 0 signatures, 150 seconds
Behavioral task
- behavioral2: Sample 参会人名单.cisri.exe, Resource win10v2004-20240709-en, 2 signatures, 150 seconds
General
- Target: 参会人名单.cisri.exe
- Size: 4.6MB
- MD5: f13abf247879c226344fb223574c4916
- SHA1: 24ff8b9a49da2089dfc2ac5555e27d9a00681374
- SHA256: 5202c9990cb2a5168c0901c4de10cf3bf1c476cdff69295bba59dc3543f761d4
- SHA512: b6826f89d2f08db1bbaafea042ca1a069606244fcb2ef0d1c6b47f8ff7adabd1be77026f8a23565862b1b0db087c11c128bb6b556e06b1cedf40a142d29e13f0
- SSDEEP: 98304:h+TWKw6f0YVwThuXcr6FLOAkGkzdnEVomFHKnP:X6KVh+FLOyomFHKnP
Score
- 10/10
Malware Config
Signatures
- Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid   Process
  3520  参会人名单.cisri.exe
  3520  参会人名单.cisri.exe