Analysis
max time kernel: 150s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13/09/2024, 14:57
Static task: static1
Behavioral task: behavioral1
Sample: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
Resource: win10v2004-20240802-en
General
Target: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
Size: 9.0MB
MD5: 8ec6214ee6ba0226d85becac9a5f4a1f
SHA1: dd4ebce90daa22b81df7b5e8945814de20746edc
SHA256: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f
SHA512: bcf60113ab01988b8a25ebad64280fadf2a53e868977a071fb7aad5fbe30e1cde335f1e467c5d0cc08097bcbb560b9d956356102823d0800f055682c0f21c545
SSDEEP: 196608:keZeCMtHYzXTHEVkrSx/rbzt6XI3tGo+Gqq5viFn4S28B:ke85tHe0krK/rboX9dGqMY28B
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Key opened: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (Process: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe)
Suspicious use of SetWindowsHookEx (2 IoCs)
pid 4876, Process: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
pid 4876, Process: a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
Processes
C:\Users\Admin\AppData\Local\Temp\a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe
"C:\Users\Admin\AppData\Local\Temp\a186321e52c064c9e1447007c37c1e53a323c2d09ddc1ff8b90ee8b3fc337b4f.exe"
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:4876