Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
67s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
24/03/2023, 04:12
General
-
Target
DVDFab StreamFab v6.1.1.3 Multilenguaje (Español), Descarga videos de Prime Video, Netflix, Disney+ y muchos más..rar
-
Size
409.0MB
-
MD5
707b6c20b0c1da027cb794c789e33636
-
SHA1
afd3f71fe54e87a712434273861105636a2f0e81
-
SHA256
af6db6f0e4a5928454be6b59f2a5c8a7eb75dbdae3178560081c48be23d62491
-
SHA512
49a7505a4bb5f28da3f8df18bae9ec059f3c0808d37ffdbbd9008549f8b4c63889ee74caede121d829792560b1eaf77531d165799564f58cd075f343abe5f48b
-
SSDEEP
6291456:UkubX9u/sPCX7EBcNMt3pdM066Og5n3OK8RPTjrxrdYsfaCAkfvnoJMQfGn44MG:zubX9u8CX7EYMBpVOiYRdrdhfaCDtBCG
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies registry class 2 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 5 IoCs
-
Suspicious use of SendNotifyMessage 4 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\DVDFab StreamFab v6.1.1.3 Multilenguaje (Español), Descarga videos de Prime Video, Netflix, Disney+ y muchos más..rar"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\DVDFab StreamFab v6.1.1.3 Multilenguaje (Español), Descarga videos de Prime Video, Netflix, Disney+ y muchos más..rar2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\DVDFab StreamFab v6.1.1.3 Multilenguaje (Español), Descarga videos de Prime Video, Netflix, Disney+ y muchos más..rar"3⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
992KB
-
Filesize
208KB
-
Filesize
2.7MB
-
Filesize
2.7MB
-
Filesize
2.7MB
-
Filesize
96KB
-
Filesize
68KB
-
Filesize
92KB
-
Filesize
68KB
-
Filesize
92KB
-
Filesize
68KB
-
Filesize
68KB
-
Filesize
412KB
-
Filesize
192KB
-
Filesize
96KB
-
Filesize
68KB
-
Filesize
108KB
-
Filesize
68KB
-
Filesize
96KB
-
Filesize
132KB
-
Filesize
16.7MB
-
Filesize
252KB
-
Filesize
2.0MB
-
Filesize
68KB
-
Filesize
116KB
-
Filesize
444KB
-
Filesize
68KB
-
Filesize
344KB
-
Filesize
160KB
-
Filesize
144KB
-
Filesize
92KB
-
Filesize
68KB
-
Filesize
68KB
-
Filesize
68KB
-
Filesize
1.0MB
-
Filesize
68KB
-
Filesize
636KB
-
Filesize
76KB
-
Filesize
72KB
-
Filesize
68KB
-
Filesize
388KB
-
Filesize
68KB
-
Filesize
148KB
-
Filesize
212KB
-
Filesize
1.1MB
-
Filesize
2.2MB
-
Filesize
72KB
-
Filesize
604KB
-
Filesize
72KB
-
Filesize
68KB
-
Filesize
368KB
-
Filesize
1.7MB
-
Filesize
176KB
-
Filesize
1.2MB
-
Filesize
72KB
-
Filesize
76KB
-
Filesize
132KB
-
Filesize
72KB
-
Filesize
68KB
-
Filesize
140KB