Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

HD2018 V1.0.11.exe

windows7-x64

7

HD2018 V1.0.11.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/06/2023, 09:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HD2018 V1.0.11.exe

  • Size

    77.9MB

  • MD5

    6748be5db315596d6daea1feaf4aa9e9

  • SHA1

    5a39f05e39705aed90ea14e645489144ff038fc2

  • SHA256

    cf71096cf900fffd4aace88078510b4940bf95b93416b12d5e5f620cf02bc5c0

  • SHA512

    b4eb963913a34b22b84f5461d13809d842b010f4fa9c409b08c52dce25566861e6bd8e88f046082302a9b817eb0551f3e52d7ea85af6052650568993a7a1d120

  • SSDEEP

    1572864:fc+fiKUo/A1DuRf07weox9JLK2mfA1k/bZtN7nUIvzGpcsDvRtTl:fcLo/AIRf07Q9ZqfTTZtKQCpc4RtTl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\HD2018 V1.0.11.exe
    "C:\Users\Admin\AppData\Local\Temp\HD2018 V1.0.11.exe"
    1⤵
    • Loads dropped DLL
    PID:2484

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsvC8D5.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    8d5a5529462a9ba1ac068ee0502578c7

    SHA1

    875e651e302ce0bfc8893f341cf19171fee25ea5

    SHA256

    e625dcd0188594b1289891b64debddeb5159aca182b83a12675427b320bf7790

    SHA512

    101da2c33f47bd85b8934318e0f0b72f820afc928a2a21e2c7823875e3a0e830f7c67f42b4c2f30596eaa073617790c89700c0d95b7949ec617e52800b61d462

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsvC8D5.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    77ff758c10c66937de6d86c388aa431c

    SHA1

    14bd5628eaf8a12b55cd38f9560c839cb21ce77a

    SHA256

    6a033e367714ec0d13fca0589c165bdbf4d1dac459fa7ec7415815223fa3c008

    SHA512

    319837951be276a179ead69efcd24bd7566061abc7997ea782af50bd4b0d69e5ec1a6e4cdeb2825bafedf87edf03380396b7bcf58682b6a3a824c8dc4b966bda

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsvC8D5.tmp\ioSpecial.ini
    Filesize

    679B

    MD5

    d8e6fbf4e463a083240945dd240bc292

    SHA1

    8e035338e1ca12484af313b99a049bd32ca1a2c5

    SHA256

    7302a0b7ecbbcead34d3bd969debb30ee56443339abb7384308020f3da8a5af7

    SHA512

    c0b4962c241be21c93ab2400b3020b6d8341bc2e1f348eddd99ee6384ba3cc8f9fcf67186c89ea8fa6a70cc21292f04dd40291790f12c4408043a28fa4de50dd

    Download Submit