Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

CHAINSAW_D....1.zip

windows7-x64

1

CHAINSAW_D....1.zip

windows10-2004-x64

1

ChainsawDance.exe

windows7-x64

1

ChainsawDance.exe

windows10-2004-x64

1

FMODGMS.dll

windows7-x64

1

FMODGMS.dll

windows10-2004-x64

1

SoundPlayer.dll

windows7-x64

1

SoundPlayer.dll

windows10-2004-x64

1

fmod.dll

windows7-x64

3

fmod.dll

windows10-2004-x64

3

snd_garden.ps1

windows7-x64

1

snd_garden.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • max time network
    37s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    07/07/2023, 03:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ChainsawDance.exe

  • Size

    4.8MB

  • MD5

    3ca03698c68e94e7eac4c54a124e332c

  • SHA1

    af907d41ee1005cfb6ddd12703477ab89b60764a

  • SHA256

    ecba38bfc3cc82894ef3d7bd441add36b6e1c2f02574d9b8eba1dae10a628ab1

  • SHA512

    34e0447c2bb37bea5ef2cb1d9534c6156e7ca67328da070f5253c7d83874e037a57a255368ae769d6cdc0c8c82040da6437714df2427d0721eb1caa27e434b13

  • SSDEEP

    98304:foiaAGExvx3hhKE7uO5m7CsuCc5/serZLg0sO0S8Yp4m/jsLiuzfJHUSyPM8yJVl:f2AhhKE7uO5m7CsuCc5/sev0hi1/62Ba

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ChainsawDance.exe
    "C:\Users\Admin\AppData\Local\Temp\ChainsawDance.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2360
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x554
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    1b389a5395646f0e03ed8e4af1f44599

    SHA1

    6ebabf8509fb398ac7df4dc8357b0a6e13077ac0

    SHA256

    3c0c76391c4e7a99c761d79b2a30f716cbbca332021c6d6b9934e256b8485592

    SHA512

    16999c09e173be4f993925ece1db342c17d5be72321f5e57ee7281c39a9cf6099433267454f05f634b143a5b55edf5f2f89fb0280c7fb574cafcef6b7fded2f1

    Download Submit

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    1b389a5395646f0e03ed8e4af1f44599

    SHA1

    6ebabf8509fb398ac7df4dc8357b0a6e13077ac0

    SHA256

    3c0c76391c4e7a99c761d79b2a30f716cbbca332021c6d6b9934e256b8485592

    SHA512

    16999c09e173be4f993925ece1db342c17d5be72321f5e57ee7281c39a9cf6099433267454f05f634b143a5b55edf5f2f89fb0280c7fb574cafcef6b7fded2f1

    Download Submit

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    302f7b59b4be79715e727d51e6875df7

    SHA1

    67e4e2af2fba423540d95eb97594aa7c7447a66c

    SHA256

    4a0504f873af688a833201359c0ecfe49ffb9ac54042780a08fc9d359f610776

    SHA512

    2060aa9ab53e39bd86a53bb102a5960876f109732fa2e678f2d36b283fc2f719eb2031183a8a84e22a1d47ebef8dccec63f451d37e1fb425b3042f259c69ada4

    Download Submit

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    448ff4602cd77b6ee40009deeb910afe

    SHA1

    c95ee51efc2552d7f8179c49a755722aaaddd4b2

    SHA256

    011e3d5ba09631e398dfd40339415b04a3c69cde3a889ea5c450db9b3dc05bb8

    SHA512

    bb9f104a80d2a77b93728c685310420fde64efd6f7db60ac9f03a1850367a22462b59eac5aa708e195d045f8ee28fb43884a6af6200d556fc4e11a1eaf25ae31

    Download Submit

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    6971a402f7e79c43d5fc60bd52ab10fe

    SHA1

    d517133b1bdd1c7f3fd7492ca6abb5a0eaca8a11

    SHA256

    3f6efc15fe9f2549a784cfc3a2bf00721dca412cce25288332ab501c7f99de18

    SHA512

    7842fcb60fd9c8ce55f55970d13f8fee5d2d0618c12eb5f3cc5a9af9351012ac86d6422b7e67ecb18874b798684dab9c2ca73f19be75190d305268a04e5a4d3f

    Download Submit

  • C:\Users\Admin\AppData\Local\benedance\dancedata.ini
    Filesize

    62B

    MD5

    6971a402f7e79c43d5fc60bd52ab10fe

    SHA1

    d517133b1bdd1c7f3fd7492ca6abb5a0eaca8a11

    SHA256

    3f6efc15fe9f2549a784cfc3a2bf00721dca412cce25288332ab501c7f99de18

    SHA512

    7842fcb60fd9c8ce55f55970d13f8fee5d2d0618c12eb5f3cc5a9af9351012ac86d6422b7e67ecb18874b798684dab9c2ca73f19be75190d305268a04e5a4d3f

    Download Submit

  • memory/2360-82-0x00000000FFF50000-0x00000000FFF60000-memory.dmp

    Filesize

    64KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.