Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

Minecraft ...om.apk

android-9-x86

0-0caa7.png

windows7-x64

3

0-0caa7.png

windows10-2004-x64

3

00_dcast_lineup.png

windows7-x64

3

00_dcast_lineup.png

windows10-2004-x64

3

01_Alex_Dcast.json

windows7-x64

3

01_Alex_Dcast.json

windows10-2004-x64

3

01_dcast_l...ri.png

windows7-x64

3

01_dcast_l...ri.png

windows10-2004-x64

3

02_ Noor_Dcast.json

windows7-x64

3

02_ Noor_Dcast.json

windows10-2004-x64

3

02_dcast_l...or.png

windows7-x64

3

02_dcast_l...or.png

windows10-2004-x64

5

03_Ari_Dcast.json

windows7-x64

3

03_Ari_Dcast.json

windows10-2004-x64

3

03_dcast_l...ai.png

windows7-x64

3

03_dcast_l...ai.png

windows10-2004-x64

3

04_Sunny_Dcast.json

windows7-x64

3

04_Sunny_Dcast.json

windows10-2004-x64

3

04_dcast_l...ri.png

windows7-x64

3

04_dcast_l...ri.png

windows10-2004-x64

3

05_Makena_Dcast.json

windows7-x64

3

05_Makena_Dcast.json

windows10-2004-x64

5

05_dcast_l...ve.png

windows7-x64

3

05_dcast_l...ve.png

windows10-2004-x64

3

06_Efe_Dcast.json

windows7-x64

3

06_Efe_Dcast.json

windows10-2004-x64

3

06_dcast_l...ex.png

windows7-x64

3

06_dcast_l...ex.png

windows10-2004-x64

3

07_Zuri_Dcast.json

windows7-x64

3

07_Zuri_Dcast.json

windows10-2004-x64

5

07_dcast_l...fe.png

windows7-x64

3

Analysis

  • max time kernel
    155s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    30/06/2023, 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    07_Zuri_Dcast.json

  • Size

    1KB

  • MD5

    389f61d4ed70cbcd8c7729934deb8495

  • SHA1

    57e00551782f6e1bdde459bf5ee612b1cac9d30b

  • SHA256

    20b8662df02acadf706545418054db27bfb958006757fb0ded36dc103e127246

  • SHA512

    4a201b106679c775e698dadf6803495acd9ee2d8d74eeb978a57fce55e6bccbcc18d3292160bde1386076eb6da638090aef0a9487272ecbda19c2ef9e1428769

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\07_Zuri_Dcast.json
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\07_Zuri_Dcast.json
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:560
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\07_Zuri_Dcast.json"
        3⤵
        • Suspicious use of SetWindowsHookEx
        PID:696

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    af0344a08771b4901cb4bf2d7ba42a2d

    SHA1

    ab7e169fc87bc9c0d6fceae2393222ebd19a3919

    SHA256

    af48ac7686e8d4c72f4d21b6bd7f8249d213206068d74db6491c5a28f3fe664d

    SHA512

    cb668f62ef43eee578973c44ed75f3f03654e931599d7b21a850906fc657c0a1f920966e8dce38cbc6f9a3c729ec75e5d6445a3c3ac2674ae4886212e25f5193

    Download Submit