Analysis
max time kernel: 91s
max time network: 48s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 21/10/2022, 00:54
Static task: static1
Behavioral task: behavioral1
    Sample: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be.exe
    Resource: win7-20220901-en
Behavioral task: behavioral2
    Sample: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be.exe
    Resource: win10v2004-20220812-en
General
Target: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be.exe
Size: 13KB
MD5: 7b3a29b687c346cfb3be0ddc2705ebce
SHA1: 37e53e167b03d8a5f7ab919d4494791bcee8cb2d
SHA256: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be
SHA512: 41f98830a874ea1bc5bffa2ebffd223c0f9366faf8333413fb9540f38d69c3f1af1b26b4a39b0fd97b73e0444bf4860013f3e1ae30a5cecc85e56704c5a2b72e
SSDEEP: 384:8Oa+ijNOY9rkyIDaFErNSrzNvOcal9qgeOJ:Z1uAkERoZp9OJ
Malware Config
(none extracted)

Signatures

Drops desktop.ini file(s) (20 IoCs)
Process for all 20 rows: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be.exe
description | ioc
File opened for modification | \??\c:\Program Files\Microsoft Games\Hearts\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\Mahjong\desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\Mahjong\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\FreeCell\desktop.ini
File created | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini
File opened for modification | \??\c:\$Recycle.Bin\S-1-5-21-4063495947-34355257-727531523-1000\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\Chess\desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\Chess\desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\FreeCell\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\Hearts\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\Purble Place\desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\Solitaire\desktop.ini
File created | \??\c:\$Recycle.Bin\S-1-5-21-4063495947-34355257-727531523-1000\desktop.ini
File created | \??\c:\Program Files\desktop.ini
File opened for modification | \??\c:\Program Files\desktop.ini
File opened for modification | \??\c:\Program Files\Microsoft Games\Purble Place\desktop.ini
File created | \??\c:\Program Files\Microsoft Games\Solitaire\desktop.ini
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini
Drops file in Program Files directory (64 IoCs)
Process for all 64 rows: 5956d6697f3eee17eeebfd18f130e2f512a08b6b39d8f810beceb584670c41be.exe
description | ioc
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings
File opened for modification | \??\c:\Program Files\Mozilla Firefox\freebl3.dll
File opened for modification | \??\c:\Program Files\7-Zip\readme.txt
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html
File opened for modification | \??\c:\Program Files\Mozilla Firefox\libGLESv2.dll
File opened for modification | \??\c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\PresentationBuildTasks.resources.dll
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml
File opened for modification | \??\c:\Program Files\Java\jre7\bin\rmiregistry.exe
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\Europe\Vienna
File opened for modification | \??\c:\Program Files\7-Zip\Lang\hr.txt
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\America\Denver
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\Australia\Lindeman
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\Etc\GMT+6
File opened for modification | \??\c:\Program Files\Microsoft Games\FreeCell\it-IT\FreeCell.exe.mui
File created | \??\c:\Program Files\Microsoft Games\Mahjong\MahjongMCE.png
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar
File opened for modification | \??\c:\Program Files\Microsoft Games\Purble Place\PurblePlaceMCE.lnk
File opened for modification | \??\c:\Program Files\DVD Maker\ja-JP\OmdProject.dll.mui
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar
File opened for modification | \??\c:\Program Files\7-Zip\Lang\vi.txt
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar
File opened for modification | \??\c:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll
File opened for modification | \??\c:\Program Files\Java\jre7\bin\ssvagent.exe
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\Europe\Tirane
File opened for modification | \??\c:\Program Files\7-Zip\Lang\sa.txt
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\ShapeCollector.exe.mui
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png
File opened for modification | \??\c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\ReachFramework.resources.dll
File created | \??\c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationClient.resources.dll
File created | \??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui
File created | \??\c:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties
File created | \??\c:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
File created | \??\c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll
File created | \??\c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll
File opened for modification | \??\c:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui
File opened for modification | \??\c:\Program Files\DVD Maker\Eurosti.TTF
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6
File opened for modification | \??\c:\Program Files\Java\jre7\lib\zi\America\Jamaica