Resubmissions

  • 30/12/2022, 00:20
    221230-am6t1see59 8
  • 29/12/2022, 23:59
    221229-31shrsee28 8
  • 29/12/2022, 21:37
    221229-1gmgashe3w 8
  • 29/12/2022, 18:49
    221229-xgm62sha6w 8

Analysis

  • max time kernel
    1538s
  • max time network
    1576s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/12/2022, 23:59

General

  • Target

    bol_setup.exe

  • Size

    1.3MB

  • MD5

    8303cfa6502fd0c42eff4133bc1938e4

  • SHA1

    6cdbd45bb72b1524113bba8e613b21682b4af497

  • SHA256

    47bc15b221a193ce995f1cee01ec44948d28480cbca32a9e66bd3bbf9dc79e5d

  • SHA512

    a4c58e5e50a4ba5427267e54cd3a30df9c0d20db71c8b194e0d96827c27d0e7910e0bafefb231d9bf760910507a67812faa79ad4a359846bf8da8ab37e58bf2e

  • SSDEEP

    24576:2CQjv/3EH3aLXerTO6uP7UJc9GA5bYUkDXZIxfqdPxw0pZHgbfeOqP:5aB6iJlxkzCJqdPxJwf+

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bol_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\bol_setup.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:4956

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/4956-132-0x0000000000400000-0x0000000000698000-memory.dmp

    Filesize

    2.6MB

  • memory/4956-133-0x0000000000400000-0x0000000000698000-memory.dmp

    Filesize

    2.6MB