Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Cuphead-20...01.zip

windows7-x64

1

Cuphead-20...01.zip

windows10-2004-x64

1

Cuphead/__...er.exe

windows7-x64

7

Cuphead/__...er.exe

windows10-2004-x64

7

Cuphead/go...91.zip

windows7-x64

1

Cuphead/go...91.zip

windows10-2004-x64

1

Cuphead/go...91.ico

windows7-x64

3

Cuphead/go...91.ico

windows10-2004-x64

3

Cuphead/go...1.info

windows7-x64

3

Cuphead/go...1.info

windows10-2004-x64

3

Cuphead/go...script

windows7-x64

3

Cuphead/go...script

windows10-2004-x64

3

Cuphead/webcache.zip

windows7-x64

1

Cuphead/webcache.zip

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/04/2023, 20:52 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Cuphead/goggame-1963513391.info

  • Size

    798B

  • MD5

    a8cb453e87d56cd57f1329fb7dd6b9c0

  • SHA1

    0e7d46b75518198977e2c2db4694b77e71c67e27

  • SHA256

    5229ac38a741e79eb82ceb4638fc04bae8698bf6f3e09d0c9196363c124a8702

  • SHA512

    de8635e62eef852f7f92e8f5fb5fef93089d008339e63253be1be09e85cddb9231c320bf182d84cb46665ffc51af24bdb48e82de58917b41f182c7d50fa562d4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 10 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Cuphead\goggame-1963513391.info
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Cuphead\goggame-1963513391.info
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:1684
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Cuphead\goggame-1963513391.info"
        3⤵
        • Suspicious use of SetWindowsHookEx
        PID:1712

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.