Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

infinst.exe

windows10-1703-x64

4

infinst.exe

windows10-2004-x64

4

x3daudio1_1.dll

windows10-1703-x64

1

x3daudio1_1.dll

windows10-2004-x64

3

xactengine2_7.dll

windows10-1703-x64

7

xactengine2_7.dll

windows10-2004-x64

7

AutoPlay/D...UP.dll

windows10-1703-x64

4

AutoPlay/D...UP.dll

windows10-2004-x64

4

AutoPlay/D...UP.exe

windows10-1703-x64

4

AutoPlay/D...UP.exe

windows10-2004-x64

4

AutoPlay/D...S.pptx

windows10-1703-x64

1

AutoPlay/D...S.pptx

windows10-2004-x64

1

AutoPlay/D...er.exe

windows10-1703-x64

7

AutoPlay/D...er.exe

windows10-2004-x64

7

AutoPlay/D...32.dll

windows10-1703-x64

4

AutoPlay/D...32.dll

windows10-2004-x64

4

AutoPlay/D...up.exe

windows10-1703-x64

7

AutoPlay/D...up.exe

windows10-2004-x64

7

autorun.exe

windows10-1703-x64

3

autorun.exe

windows10-2004-x64

3

lua5.1.dll

windows10-1703-x64

3

lua5.1.dll

windows10-2004-x64

3

lua51.dll

windows10-1703-x64

3

lua51.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    384s
  • max time network
    1826s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-es
  • resource tags

    arch:x64arch:x86image:win10-20220901-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    15/02/2023, 04:45 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoPlay/Docs/VC_RedistInstaller.exe

  • Size

    47.8MB

  • MD5

    81d13c603e77045c22db7838706b4f00

  • SHA1

    ff9c335363cd764164b81699fbd2bf4aaac587cf

  • SHA256

    0cb11bd72d9b6c844ac3a7d046b1743790444c5fac4f8f3788ddb2cd5d2a38c4

  • SHA512

    ef17fffca705c5dca387df09bd02f9f5381edbc61864d04e6098fbd7dcdf7f22703dcc31121a5ebeb0861489bbfc41c5d549e06664d50ab64f38ff6d82e349a6

  • SSDEEP

    786432:pUuwDlB5zWhAaKoXa3hegoR5oFBJSISZsOkfIuxoVTclL4NFDFIgrZ8pmuMtDHN:WuwDFzWhbKBEgoqJf6FDF8mZlHN

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AutoPlay\Docs\VC_RedistInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\AutoPlay\Docs\VC_RedistInstaller.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:404
    • C:\Users\Admin\AppData\Local\Temp\is-VHHFL.tmp\VC_RedistInstaller.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-VHHFL.tmp\VC_RedistInstaller.tmp" /SL5="$300DC,49648524,177152,C:\Users\Admin\AppData\Local\Temp\AutoPlay\Docs\VC_RedistInstaller.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:3472

Network

    No results found
  • 52.178.17.2:443
    322 B
     7
  • 96.16.53.137:80
    322 B
     7
No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-VHHFL.tmp\VC_RedistInstaller.tmp
    Filesize

    1.2MB

    MD5

    7ffa1cc1b4853c537f5d42a2d35cf006

    SHA1

    7335bd34920ed968623cb491c059e68aea297447

    SHA256

    898084b9317155c6555327dd8bd2c7b20fb791a415fff2a1c03e6b43378655b4

    SHA512

    83f264be5a259d7dec001a6a759d4edb382141d739a2ea28d330bf62ef5d9b5ccb7c2d680d065e46e0c1ab0b8da36a4d25948e45ce1ec03f0ab62d4d39c7c88b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\is-VHHFL.tmp\VC_RedistInstaller.tmp
    Filesize

    1.2MB

    MD5

    7ffa1cc1b4853c537f5d42a2d35cf006

    SHA1

    7335bd34920ed968623cb491c059e68aea297447

    SHA256

    898084b9317155c6555327dd8bd2c7b20fb791a415fff2a1c03e6b43378655b4

    SHA512

    83f264be5a259d7dec001a6a759d4edb382141d739a2ea28d330bf62ef5d9b5ccb7c2d680d065e46e0c1ab0b8da36a4d25948e45ce1ec03f0ab62d4d39c7c88b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-GFPUI.tmp\isskin.dll
    Filesize

    385KB

    MD5

    92c2e247392e0e02261dea67e1bb1a5e

    SHA1

    db72fed8771364bf8039b2bc83ed01dda2908554

    SHA256

    25fdb94e386f8a41f10aba00ed092a91b878339f8e256a7252b11169122b0a68

    SHA512

    e938d2a1870ccb437d818b5301e6ecffaa6efbf4f0122e1a1ae0981057d7d0376039ea927c6fd326456da2d6904803fca26b87245367a4c5de2aebc47bdcd4b5

    Download Submit

  • memory/404-152-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-155-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/404-151-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-123-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-124-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-125-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-126-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-127-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-128-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-129-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-131-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-130-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-132-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-133-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-134-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-135-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-136-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-137-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-138-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-139-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-140-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-141-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-142-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-143-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-144-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-145-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-146-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-147-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-148-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-149-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-150-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-120-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-122-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-121-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-153-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/404-156-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-157-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-158-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/404-233-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/3472-183-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-185-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-165-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-166-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-162-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-169-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-171-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-172-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-170-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-173-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-176-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-164-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-174-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-161-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-179-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-178-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-177-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-181-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-182-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-180-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-175-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-167-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-184-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-163-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-186-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3472-187-0x00000000778B0000-0x0000000077A3E000-memory.dmp

    Filesize

    1.6MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.