Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

CCDisk (v2...HK.rar

windows7-x64

3

CCDisk (v2...HK.rar

windows10-2004-x64

3

Crack_HK.zip

windows7-x64

1

Crack_HK.zip

windows10-2004-x64

1

Crack_HK/CCDisk.exe

windows7-x64

Crack_HK/CCDisk.exe

windows10-2004-x64

Crack_HK/CCDisk.ini

windows7-x64

1

Crack_HK/CCDisk.ini

windows10-2004-x64

1

Crack_HK/CCacheX.dll

windows7-x64

1

Crack_HK/CCacheX.dll

windows10-2004-x64

3

Crack_HK/db.xml

windows7-x64

1

Crack_HK/db.xml

windows10-2004-x64

1

CCDisk (v2...LL.bat

windows7-x64

1

CCDisk (v2...LL.bat

windows10-2004-x64

1

CCDisk (v2...up.exe

windows7-x64

7

CCDisk (v2...up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2023, 14:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CCDisk (v2021.02.19)/ccdisksetup.exe

  • Size

    4.0MB

  • MD5

    dee9faa70dd7776cb8f21e4de5e908ca

  • SHA1

    1dd6c2d94f55fa7955f61f845741af981021e368

  • SHA256

    acbdef532ec5dfab992396e07b8d4c86597d567d805c8855184e0523c169f1cc

  • SHA512

    ae1222ab83f881527ebcff24870d83632b9c69cf14adfe891b3788b3a4ef2fa09494508902244f8b539c872165f8f6612108ebac6a874266b42fbc72bdc6991d

  • SSDEEP

    98304:C9OYMNeGvmsrRsusL43x/JW/IB5+JiPZ3lgoT:2yeGvmsrKj43xB6I2Ex3n

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CCDisk (v2021.02.19)\ccdisksetup.exe
    "C:\Users\Admin\AppData\Local\Temp\CCDisk (v2021.02.19)\ccdisksetup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1236
    • C:\Users\Admin\AppData\Local\Temp\is-5JL2C.tmp\ccdisksetup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-5JL2C.tmp\ccdisksetup.tmp" /SL5="$70120,3962269,58368,C:\Users\Admin\AppData\Local\Temp\CCDisk (v2021.02.19)\ccdisksetup.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      PID:1904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-5JL2C.tmp\ccdisksetup.tmp
    Filesize

    709KB

    MD5

    7bc6ee10dbc76acb9dbc72294cff3553

    SHA1

    6fde2a3122e9bd69e4b2c532d9ecd8471bafdf95

    SHA256

    9e26391f9a54ab1098a35ca415efd75117275d2c765c8aa9b3846b2bb8e8a3d1

    SHA512

    3cdc67ae60d6b88b55b1ca5a062d83fa629f825943064ee2d42477b6ed263f619cb011acc7f599b20088f8bd06b8e8b6a5786671d04bb8df828771a6bf7cfd18

    Download Submit

  • \Users\Admin\AppData\Local\Temp\is-5JL2C.tmp\ccdisksetup.tmp
    Filesize

    709KB

    MD5

    7bc6ee10dbc76acb9dbc72294cff3553

    SHA1

    6fde2a3122e9bd69e4b2c532d9ecd8471bafdf95

    SHA256

    9e26391f9a54ab1098a35ca415efd75117275d2c765c8aa9b3846b2bb8e8a3d1

    SHA512

    3cdc67ae60d6b88b55b1ca5a062d83fa629f825943064ee2d42477b6ed263f619cb011acc7f599b20088f8bd06b8e8b6a5786671d04bb8df828771a6bf7cfd18

    Download Submit

  • memory/1236-54-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/1236-63-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/1904-61-0x00000000003D0000-0x00000000003D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1904-64-0x0000000000400000-0x00000000004BF000-memory.dmp

    Filesize

    764KB

    Download

  • memory/1904-65-0x00000000003D0000-0x00000000003D1000-memory.dmp

    Filesize

    4KB

    Download