Resubmissions

14/02/2023, 02:39

230214-c5e55aab65 3

14/02/2023, 02:36

230214-c3vg2ahe81 3

Analysis

  • max time kernel
    50s
  • max time network
    62s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10-20220812-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    14/02/2023, 02:39

General

  • Target

    SOFTWARE DPI MOUSE.rar

  • Size

    3.1MB

  • MD5

    8a763459c9e026987901b92738b07a41

  • SHA1

    002a17e1c955651e00da3b762de78710385555fd

  • SHA256

    7a123be68219edde9e35a31b2d36ba1960a15679f4a5a05b4d38e8dff7f2575e

  • SHA512

    1a6e749ee34a72c8977629a11be5802c68ef1ad141879ac138b43badbbbae86d5647865f5535ca00f3524812174ea9a793b421de8d8d457bda95fcf8671d49a8

  • SSDEEP

    98304:Tp7+yJEyb9VSL/NWw+0OoKncGjYXCfs1gMaEvlSr:TpFb9oBWw+y+cGjYy01gMaEvlSr

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\SOFTWARE DPI MOUSE.rar"
    • Modifies registry class
    PID:2204
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2652

Network

MITRE ATT&CK Enterprise v6
