Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

installer.exe

windows10-1703-x64

3

installer.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/08/2023, 16:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    installer.exe

  • Size

    149KB

  • MD5

    2091e5a265c44da1b0a5de5bc112a6dc

  • SHA1

    02d5489c5bb1b169238ff5d79d5a09982d15caa3

  • SHA256

    900a663fb206b74225e97e334c4a733ca870f29106f145044eeae77c08d0a44d

  • SHA512

    77de1388ec943f3f6539b408a7133b4bc16b0b5c86acd5a22640ea9e1831aac71d806ff81e1c77024bbe7a8aecc4238f92d6cc1cfc56b943d31ec6643289c91a

  • SSDEEP

    3072:hZoZc+265eMjxdbKRcIu5A6Jdx7Y6mGxq:hZoZ/+u5A6Jdx7Y6mmq

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\installer.exe
    "C:\Users\Admin\AppData\Local\Temp\installer.exe"
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1176
    • C:\Users\Admin\AppData\Roaming\Flarial\Flarial.Launcher.exe
      "C:\Users\Admin\AppData\Roaming\Flarial\Flarial.Launcher.exe"
      2⤵
        PID:2232
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:1448

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Roaming\Flarial\Flarial.Launcher.exe
        Filesize

        180.8MB

        MD5

        c450047ac5f9d717c7db759145f1f0ac

        SHA1

        c26bddb08f8f37b83aa6b2ab44b4771ac7414074

        SHA256

        580f95efa28a290ddf084c6d3712c03a162a7f9f4c4a68b0d088e20458fa6a47

        SHA512

        10f8b14de401f6bc2f37ba84acb0da4882eed64b379f76fd6fd40d618ba5e99f902ec2949b4a125a769ecc2dacf7f5589ad2e9e528f5700c3d2da97b0cb53c57

        Download Submit

      • C:\Users\Admin\AppData\Roaming\Flarial\latest.zip
        Filesize

        72.6MB

        MD5

        6d4970f4c3886491619be08a282ff842

        SHA1

        5bd14ab4516792cefd74fd15fe4ef6d416e8c790

        SHA256

        7516dc5bfffc0b7ed1314aa0eba57c520d8c6b2014cdd59699d81268c1973621

        SHA512

        9deb8751729ac34b5d001a36b1ff59fcacf9f5bfc4e3d8e83aa512470ca3a1f81599dde6f610c3fbee4b520988ea62ab75a71a66b799264ac63c732970516940

        Download Submit