Analysis
- max time kernel: 43s
- max time network: 48s
- platform: windows7_x64
- resource: win7-20220901-en
- resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
- submitted: 29/10/2022, 21:23
Behavioral task: behavioral1
- Sample: 7bc80bcda343a754029b5d72b4ffaba18c828cec94077c5c61fd4b6ce2297708.exe
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 7bc80bcda343a754029b5d72b4ffaba18c828cec94077c5c61fd4b6ce2297708.exe
- Resource: win10v2004-20220812-en
General
- Target: 7bc80bcda343a754029b5d72b4ffaba18c828cec94077c5c61fd4b6ce2297708.exe
- Size: 81KB
- MD5: a38e8d340674f0fa01435993adb37e70
- SHA1: 0b1d3d4946a8bdad3a4c9cfb3d2a3f101935b976
- SHA256: 7bc80bcda343a754029b5d72b4ffaba18c828cec94077c5c61fd4b6ce2297708
- SHA512: 78b23d37dbe6a669972855d9a53aa9ddc1c68069d65fe8c3e2481ff87f97cec79e5bf4ba2f69c2bc9e76b3013261ade111476f5ee4d0cd54c3e1e7ef593a1c8c
- SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSjA6OMOka:5JjcF8KfCOcjk+guPVjSM6fOL
Malware Config
Signatures
- resource / yara_rule
  behavioral1/memory/1720-54-0x0000000000400000-0x0000000000467000-memory.dmp: upx
  behavioral1/memory/1720-55-0x0000000000400000-0x0000000000467000-memory.dmp: upx
- Adds Run key to start application (2 TTPs, 1 IoC)
  description: Set value (str)
  ioc: \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
  Process: 7bc80bcda343a754029b5d72b4ffaba18c828cec94077c5c61fd4b6ce2297708.exe
- Drops file in System32 directory (33 IoCs)