Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
107s -
max time network
131s -
platform
windows10-1703_x64 -
resource
win10-20230703-en -
resource tags
-
submitted
27/08/2023, 16:05
General
-
Target
installer.exe
-
Size
149KB
-
MD5
2091e5a265c44da1b0a5de5bc112a6dc
-
SHA1
02d5489c5bb1b169238ff5d79d5a09982d15caa3
-
SHA256
900a663fb206b74225e97e334c4a733ca870f29106f145044eeae77c08d0a44d
-
SHA512
77de1388ec943f3f6539b408a7133b4bc16b0b5c86acd5a22640ea9e1831aac71d806ff81e1c77024bbe7a8aecc4238f92d6cc1cfc56b943d31ec6643289c91a
-
SSDEEP
3072:hZoZc+265eMjxdbKRcIu5A6Jdx7Y6mGxq:hZoZ/+u5A6Jdx7Y6mmq
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\installer.exe"C:\Users\Admin\AppData\Local\Temp\installer.exe"1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Users\Admin\AppData\Roaming\Flarial\Flarial.Launcher.exe"C:\Users\Admin\AppData\Roaming\Flarial\Flarial.Launcher.exe"2⤵
-
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72.6MB
MD56d4970f4c3886491619be08a282ff842
SHA15bd14ab4516792cefd74fd15fe4ef6d416e8c790
SHA2567516dc5bfffc0b7ed1314aa0eba57c520d8c6b2014cdd59699d81268c1973621
SHA5129deb8751729ac34b5d001a36b1ff59fcacf9f5bfc4e3d8e83aa512470ca3a1f81599dde6f610c3fbee4b520988ea62ab75a71a66b799264ac63c732970516940