Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

Cracks.rar

windows7-x64

3

Cracks.rar

windows10-2004-x64

3

V1 (01.02....me.dll

windows7-x64

1

V1 (01.02....me.dll

windows10-2004-x64

1

V1 (01.02....me.ini

windows7-x64

1

V1 (01.02....me.ini

windows10-2004-x64

1

V1 (01.02....er.exe

windows7-x64

1

V1 (01.02....er.exe

windows10-2004-x64

1

V1 (01.02....DM.exe

windows7-x64

3

V1 (01.02....DM.exe

windows10-2004-x64

3

V2 (08.02....me.dll

windows7-x64

1

V2 (08.02....me.dll

windows10-2004-x64

1

V2 (08.02....me.ini

windows7-x64

1

V2 (08.02....me.ini

windows10-2004-x64

1

V2 (08.02....er.exe

windows7-x64

1

V2 (08.02....er.exe

windows10-2004-x64

1

V2 (08.02....DM.exe

windows7-x64

3

V2 (08.02....DM.exe

windows10-2004-x64

3

V3 (02.03....me.dll

windows7-x64

1

V3 (02.03....me.dll

windows10-2004-x64

1

V3 (02.03....me.ini

windows7-x64

1

V3 (02.03....me.ini

windows10-2004-x64

1

V3 (02.03....er.exe

windows7-x64

1

V3 (02.03....er.exe

windows10-2004-x64

1

V3 (02.03....DM.exe

windows7-x64

3

V3 (02.03....DM.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2023, 15:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Cracks.rar

  • Size

    3.0MB

  • MD5

    390d039e5951a642e2342c17f6f9857a

  • SHA1

    869b414fc25f3ad3ee30fc426fd790517436d364

  • SHA256

    06d28cc280dd732386109df526fe7b91e3e521baae918a7b7e73cce8f31c82ab

  • SHA512

    28e1f71753898b97aa77072515e5c6f3232ce7bbee389b602726ac0124344d235370b5604f5573dc59e5f7d98519e40347ba0c1d368eb97faf1832616d750bdb

  • SSDEEP

    49152:VFXAy1HYP4/mW6gmuYPvuGU9WC+fK3KG89Hw9Rt5/ZztnUYPTjaVMKvu7+GHM:Qy1Hce6FuyuGU9Wy6RQ9vhZztnRqVMKJ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 23 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 19 IoCs
  • Suspicious use of SendNotifyMessage 18 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Cracks.rar
    1⤵
    • Modifies registry class
    PID:4852
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5052
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Cracks.rar"
      2⤵
      • Modifies registry class
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:4448

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.SU4448
    Filesize

    82B

    MD5

    ca80d5df46526b7b00c9eec9ab93951d

    SHA1

    b1bdcc884e11b3abe051cc7d0370064b4ebb66b1

    SHA256

    d902ca016e6df34f2d585f3278599b3dd0448e069c94b3a98ba85c9afb6fdc51

    SHA512

    14618dccc62dcfb59c0c1f402709afd963a65e1466362b9696bebedb0a970bf29c29257406c301250d0d34e06aa3c7da610050b721c0b2493968b8b1e4973e89

    Download Submit

  • memory/4448-143-0x00007FF650070000-0x00007FF650168000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4448-144-0x00007FFC05930000-0x00007FFC05964000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4448-145-0x00007FFBF5C20000-0x00007FFBF5ED4000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4448-146-0x00007FFC0AF80000-0x00007FFC0AF98000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4448-147-0x00007FFC08DC0000-0x00007FFC08DD7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4448-149-0x00007FFC056E0000-0x00007FFC056F7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4448-148-0x00007FFC08D10000-0x00007FFC08D21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-150-0x00007FFC056C0000-0x00007FFC056D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-151-0x00007FFC05620000-0x00007FFC0563D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4448-152-0x00007FFC05600000-0x00007FFC05611000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-154-0x00007FFBF5F40000-0x00007FFBF6140000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4448-159-0x00007FFBF3BA0000-0x00007FFBF4C4B000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4448-166-0x00007FFC05590000-0x00007FFC055CF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/4448-168-0x00007FFC050D0000-0x00007FFC050E8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4448-167-0x00007FFBF6CF0000-0x00007FFBF6D11000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4448-169-0x00007FFC03390000-0x00007FFC033A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-170-0x00007FFBFC1B0000-0x00007FFBFC1C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-171-0x00007FFBFBE40000-0x00007FFBFBE51000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-173-0x00007FFBF6CB0000-0x00007FFBF6CC1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-172-0x00007FFBF6CD0000-0x00007FFBF6CEB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4448-174-0x00007FFBF5F20000-0x00007FFBF5F38000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4448-175-0x00007FFBF5EF0000-0x00007FFBF5F20000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4448-176-0x00007FFBF56F0000-0x00007FFBF5757000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4448-177-0x00007FFBF5660000-0x00007FFBF56CF000-memory.dmp

    Filesize

    444KB

    Download

  • memory/4448-178-0x00007FFBF5640000-0x00007FFBF5651000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-179-0x00007FFBF55E0000-0x00007FFBF5636000-memory.dmp

    Filesize

    344KB

    Download

  • memory/4448-181-0x00007FFBF5580000-0x00007FFBF55A4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/4448-183-0x00007FFBF5530000-0x00007FFBF5553000-memory.dmp

    Filesize

    140KB

    Download

  • memory/4448-182-0x00007FFBF5560000-0x00007FFBF5577000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4448-184-0x00007FFBF5510000-0x00007FFBF5521000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-180-0x00007FFBF55B0000-0x00007FFBF55D8000-memory.dmp

    Filesize

    160KB

    Download

  • memory/4448-185-0x00007FFBF54F0000-0x00007FFBF5502000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4448-186-0x00007FFBF54C0000-0x00007FFBF54E1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4448-188-0x00007FFBF5480000-0x00007FFBF5492000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4448-187-0x00007FFBF54A0000-0x00007FFBF54B3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/4448-189-0x00007FFBF5340000-0x00007FFBF547B000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/4448-190-0x00007FFBF5310000-0x00007FFBF533C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/4448-191-0x00007FFBF4DA0000-0x00007FFBF4F52000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4448-192-0x00007FFBF52B0000-0x00007FFBF530C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/4448-193-0x00007FFBF4D80000-0x00007FFBF4D91000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-194-0x00007FFBF38F0000-0x00007FFBF3987000-memory.dmp

    Filesize

    604KB

    Download

  • memory/4448-195-0x00007FFBF4D60000-0x00007FFBF4D72000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4448-196-0x00007FFBF36B0000-0x00007FFBF38E1000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/4448-197-0x00007FFBF3670000-0x00007FFBF36A5000-memory.dmp

    Filesize

    212KB

    Download

  • memory/4448-198-0x00007FFBF4D30000-0x00007FFBF4D55000-memory.dmp

    Filesize

    148KB

    Download

  • memory/4448-199-0x00007FFBF3650000-0x00007FFBF3661000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-200-0x00007FFBF35E0000-0x00007FFBF3641000-memory.dmp

    Filesize

    388KB

    Download

  • memory/4448-201-0x00007FFBF35C0000-0x00007FFBF35D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-202-0x00007FFBF35A0000-0x00007FFBF35B2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4448-204-0x00007FFBF33D0000-0x00007FFBF346F000-memory.dmp

    Filesize

    636KB

    Download

  • memory/4448-203-0x00007FFBF3470000-0x00007FFBF3483000-memory.dmp

    Filesize

    76KB

    Download

  • memory/4448-205-0x00007FFBF33B0000-0x00007FFBF33C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-206-0x00007FFBF32A0000-0x00007FFBF33A2000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4448-207-0x00007FFBF3060000-0x00007FFBF3071000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4448-208-0x00007FFBF2EE0000-0x00007FFBF3058000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/4448-209-0x00007FFBF2EC0000-0x00007FFBF2ED7000-memory.dmp

    Filesize

    92KB

    Download