Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Iron.Lung/...ot.exe

windows7-x64

1

Iron.Lung/...ot.exe

windows10-2004-x64

1

Iron.Lung/...ng.exe

windows7-x64

1

Iron.Lung/...ng.exe

windows10-2004-x64

1

Iron.Lung/...ss.dll

windows7-x64

1

Iron.Lung/...ss.dll

windows10-2004-x64

1

Iron.Lung/...rp.dll

windows7-x64

1

Iron.Lung/...rp.dll

windows10-2004-x64

1

Iron.Lung/...ty.dll

windows7-x64

1

Iron.Lung/...ty.dll

windows10-2004-x64

1

Iron.Lung/...on.dll

windows7-x64

1

Iron.Lung/...on.dll

windows10-2004-x64

1

Iron.Lung/...re.dll

windows7-x64

1

Iron.Lung/...re.dll

windows10-2004-x64

1

Iron.Lung/...ws.dll

windows7-x64

1

Iron.Lung/...ws.dll

windows10-2004-x64

1

Iron.Lung/...ns.dll

windows7-x64

1

Iron.Lung/...ns.dll

windows10-2004-x64

1

Iron.Lung/...on.dll

windows7-x64

1

Iron.Lung/...on.dll

windows10-2004-x64

1

Iron.Lung/...on.dll

windows7-x64

1

Iron.Lung/...on.dll

windows10-2004-x64

1

Iron.Lung/...re.dll

windows7-x64

1

Iron.Lung/...re.dll

windows10-2004-x64

1

Iron.Lung/...ta.dll

windows7-x64

1

Iron.Lung/...ta.dll

windows10-2004-x64

1

Iron.Lung/...ce.dll

windows7-x64

1

Iron.Lung/...ce.dll

windows10-2004-x64

1

Iron.Lung/...ng.dll

windows7-x64

1

Iron.Lung/...ng.dll

windows10-2004-x64

1

Iron.Lung/...es.dll

windows7-x64

1

Iron.Lung/...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/05/2023, 08:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Iron.Lung/Iron Lung/Iron Lung.exe

  • Size

    638KB

  • MD5

    8616d9ef509ab81b4993a0063c39b8d2

  • SHA1

    66f6e7d043b4f436b8b1e701d65ca0e0727b7963

  • SHA256

    c686ff9610225cbd8992b371a473299286663f31575952249ba83aa1aeb54dc9

  • SHA512

    ae7f5b04b1d4bfe332637225d881bfb70d5ac622ca7cc9b525acd4c1a4ef7bbdea676f5cbe41fcd606162e077a4c2442ac78f54792a7799203c190facc522224

  • SSDEEP

    12288:o4eC1MMcZ+xjx+RtIDjgooM5ANyxOOnwaV2ZKFXv7+zo:XJcZ+Jx+t4JDAOnwaVj9Czo

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Iron.Lung\Iron Lung\Iron Lung.exe
    "C:\Users\Admin\AppData\Local\Temp\Iron.Lung\Iron Lung\Iron Lung.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4656
    • C:\Users\Admin\AppData\Local\Temp\Iron.Lung\Iron Lung\UnityCrashHandler64.exe
      "C:\Users\Admin\AppData\Local\Temp\Iron.Lung\Iron Lung\UnityCrashHandler64.exe" --attach 4656 2193268805632
      2⤵
        PID:2220
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x2c8 0x4a8
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:4640

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4656-133-0x000001FEC91D0000-0x000001FEC91E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-134-0x000001FEC9060000-0x000001FEC9070000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-135-0x000002004CDB0000-0x000002004CDD0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/4656-136-0x000002008F6B0000-0x000002008F6C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-137-0x00000200AF890000-0x00000200AF8A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-139-0x00000200AF8B0000-0x00000200AF8C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-140-0x00000200AF8F0000-0x00000200AF900000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-138-0x00000200AF8A0000-0x00000200AF8B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-141-0x00000200AFAB0000-0x00000200AFAC0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-142-0x00000200AFAC0000-0x00000200AFAD0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-144-0x00000200AFB40000-0x00000200AFB50000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-145-0x00000200B0B20000-0x00000200B0B40000-memory.dmp

      Filesize

      128KB

      Download

    • memory/4656-146-0x00000200B0B40000-0x00000200B0B50000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-147-0x00000200B0B50000-0x00000200B0B60000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-148-0x00000200B4AA0000-0x00000200B4AB0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-143-0x00000200AFAD0000-0x00000200AFAE0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-149-0x000002004E980000-0x000002004E990000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-150-0x000001FEC9060000-0x000001FEC9070000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-151-0x000001FEC91D0000-0x000001FEC91E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-152-0x000002004CDB0000-0x000002004CDD0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/4656-153-0x00000200AF890000-0x00000200AF8A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-154-0x00000200AF8F0000-0x00000200AF900000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-155-0x00000200AFAD0000-0x00000200AFAE0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4656-156-0x000002004E980000-0x000002004E990000-memory.dmp

      Filesize

      64KB

      Download