Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
3pvz-road-trip.zip
windows7-x64
1pvz-road-trip.zip
windows10-2004-x64
1PvZ Road Trip.dat
windows7-x64
3PvZ Road Trip.dat
windows10-2004-x64
3PvZ Road Trip.exe
windows7-x64
3PvZ Road Trip.exe
windows10-2004-x64
3PvZRT_Data...nd.dll
windows7-x64
1PvZRT_Data...nd.dll
windows10-2004-x64
1PvZRT_Data...se.dll
windows7-x64
1PvZRT_Data...se.dll
windows10-2004-x64
1PvZRT_Data...ic.dll
windows7-x64
1PvZRT_Data...ic.dll
windows10-2004-x64
1PvZRT_Data/DRPC.dll
windows7-x64
1PvZRT_Data/DRPC.dll
windows10-2004-x64
1PvZRT_Data/Get.dll
windows7-x64
1PvZRT_Data/Get.dll
windows10-2004-x64
1PvZRT_Data...ay.mfx
windows7-x64
3PvZRT_Data...ay.mfx
windows10-2004-x64
3PvZRT_Data/KcBoxA.dll
windows7-x64
1PvZRT_Data/KcBoxA.dll
windows10-2004-x64
1PvZRT_Data...on.dll
windows7-x64
1PvZRT_Data...on.dll
windows10-2004-x64
1PvZRT_Data/Layer.dll
windows7-x64
1PvZRT_Data/Layer.dll
windows10-2004-x64
1PvZRT_Data...ad.dll
windows7-x64
1PvZRT_Data...ad.dll
windows10-2004-x64
1PvZRT_Data...ck.dll
windows7-x64
1PvZRT_Data...ck.dll
windows10-2004-x64
1PvZRT_Data/kcedit.mfx
windows7-x64
3PvZRT_Data/kcedit.mfx
windows10-2004-x64
3PvZRT_Data/kcfile.dll
windows7-x64
1PvZRT_Data/kcfile.dll
windows10-2004-x64
1Analysis
-
max time kernel
21s -
max time network
35s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
17/05/2023, 04:26
Static task
static1
Behavioral task
behavioral1
Sample
pvz-road-trip.zip
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral2
Sample
pvz-road-trip.zip
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
PvZ Road Trip.dat
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral4
Sample
PvZ Road Trip.dat
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
PvZ Road Trip.exe
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral6
Sample
PvZ Road Trip.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
PvZRT_Data/Box2DBackground.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral8
Sample
PvZRT_Data/Box2DBackground.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
PvZRT_Data/Box2DBase.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral10
Sample
PvZRT_Data/Box2DBase.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
PvZRT_Data/Box2DStatic.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral12
Sample
PvZRT_Data/Box2DStatic.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
PvZRT_Data/DRPC.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral14
Sample
PvZRT_Data/DRPC.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
PvZRT_Data/Get.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral16
Sample
PvZRT_Data/Get.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
PvZRT_Data/KcArray.mfx
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral18
Sample
PvZRT_Data/KcArray.mfx
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
PvZRT_Data/KcBoxA.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral20
Sample
PvZRT_Data/KcBoxA.dll
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
PvZRT_Data/KcButton.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral22
Sample
PvZRT_Data/KcButton.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
PvZRT_Data/Layer.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral24
Sample
PvZRT_Data/Layer.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
PvZRT_Data/XBOXGamepad.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral26
Sample
PvZRT_Data/XBOXGamepad.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
PvZRT_Data/kcclock.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral28
Sample
PvZRT_Data/kcclock.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
PvZRT_Data/kcedit.mfx
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral30
Sample
PvZRT_Data/kcedit.mfx
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
PvZRT_Data/kcfile.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral32
Sample
PvZRT_Data/kcfile.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
General
-
Target
PvZRT_Data/KcButton.dll
-
Size
40KB
-
MD5
b848bbf535366b6053f7bc8ab87fc5e0
-
SHA1
19d8a51062201531ff58c898925e53490c22213e
-
SHA256
94cea0df9febe19fc2e1a905bd7df0bdab63797a42a7006f14bc8838003e5a45
-
SHA512
cc6df5fb9ef537a255faefb890ffd07556bffec5abd6a914afeb004b77dede2db21dce1179a36b8641e7150e8c466345a58288835722639c1fbb7e5665122543
-
SSDEEP
384:3rIlaI9/J7NBiwulWwnTXnk2Fp1ARNq1O1wLPw3p8/F9U+SX8wVAvBjKA:3rIl3xNBST3xFTAAqwfaWvBjKA
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27 PID 1160 wrote to memory of 2016 1160 rundll32.exe 27