Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Chatterino...er.exe

windows7-x64

7

Chatterino...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    61s
  • max time network
    65s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/03/2023, 21:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Chatterino.Installer.exe

  • Size

    42.8MB

  • MD5

    5336ce17d2a31bae379fc8863f3a4344

  • SHA1

    205cbb7a44456e12458ef17a9a39983f0d8e3fc9

  • SHA256

    26d8a2669d27e58a7623b583b1290547402c9a9a2c9fd1ecbcb3e8b08c4fccc2

  • SHA512

    6a9705eea2668f4651602410bd747beb50628acecf499d57a9a9ea08ba20632a873b0e151847964b19fe6fd53c9b308fad325c2db6f0737e8efab857b5bcd4dc

  • SSDEEP

    786432:rY3KxknxKPXgK0sujEEbs23Rf4a7SCNXZKM+WOkEg5MCuKOE+:1kCOsJ6s2BLWNWvEge3ZE+

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Chatterino.Installer.exe
    "C:\Users\Admin\AppData\Local\Temp\Chatterino.Installer.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1192
    • C:\Users\Admin\AppData\Local\Temp\is-VI50F.tmp\Chatterino.Installer.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-VI50F.tmp\Chatterino.Installer.tmp" /SL5="$9005A,44028552,792576,C:\Users\Admin\AppData\Local\Temp\Chatterino.Installer.exe"
      2⤵
      • Executes dropped EXE
      PID:3840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-VI50F.tmp\Chatterino.Installer.tmp
    Filesize

    3.0MB

    MD5

    6b62646faf2f59b7c2c243af7c1ea902

    SHA1

    7f0bedfac295020695284625b786b42e10d089c5

    SHA256

    924721d3b4a6c19e218c94790c03ff498c9d0d0495018559b8dec9fc67c22fbd

    SHA512

    77dda5d7b6f62742ee7221eaa24f219cbf3ef58b3861f711653384cc126b2ad947a2ce386212a5a66e8f3291be857b7a9956f8014fa006532e1c82151dc547a9

    Download Submit

  • memory/1192-133-0x0000000000400000-0x00000000004CF000-memory.dmp

    Filesize

    828KB

    Download

  • memory/1192-139-0x0000000000400000-0x00000000004CF000-memory.dmp

    Filesize

    828KB

    Download

  • memory/3840-138-0x0000000000D00000-0x0000000000D01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3840-140-0x0000000000400000-0x0000000000709000-memory.dmp

    Filesize

    3.0MB

    Download