Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

5j1yFYZ7wftOfBeB

windows7-x64

1

5j1yFYZ7wftOfBeB

windows10-2004-x64

1

6ulq7PkQ4jMa3CG3

windows7-x64

1

6ulq7PkQ4jMa3CG3

windows10-2004-x64

1

7UKgaRjbLtj7Nmd3

windows7-x64

1

7UKgaRjbLtj7Nmd3

windows10-2004-x64

1

EUlp3EBVoZzDusIE

windows7-x64

1

EUlp3EBVoZzDusIE

windows10-2004-x64

1

FwNX79XwxL713ubH

windows7-x64

1

FwNX79XwxL713ubH

windows10-2004-x64

1

IgXYrHdIyByyYZ23

windows7-x64

1

IgXYrHdIyByyYZ23

windows10-2004-x64

1

IxpMALudDFwYVaf5

windows7-x64

1

IxpMALudDFwYVaf5

windows10-2004-x64

1

JqEzfGnwc8hnAIwY

windows7-x64

1

JqEzfGnwc8hnAIwY

windows10-2004-x64

1

LEMqqtVPF49FmZ7W

windows7-x64

1

LEMqqtVPF49FmZ7W

windows10-2004-x64

1

RuntimeIni...s.json

windows7-x64

3

RuntimeIni...s.json

windows10-2004-x64

3

ScriptingA...s.json

windows7-x64

3

ScriptingA...s.json

windows10-2004-x64

3

System.Dat...es.dat

windows7-x64

3

System.Dat...es.dat

windows10-2004-x64

3

URodfDhi1apVS2I5

windows7-x64

1

URodfDhi1apVS2I5

windows10-2004-x64

1

UnityServi...n.json

windows7-x64

3

UnityServi...n.json

windows10-2004-x64

3

V21k9r3Ax9VAZivr

windows7-x64

1

V21k9r3Ax9VAZivr

windows10-2004-x64

1

VBpk2rQvTZJtfs5Y

windows7-x64

1

VBpk2rQvTZJtfs5Y

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2023, 09:53 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UnityServicesProjectConfiguration.json

  • Size

    864B

  • MD5

    a3ae25b293cb0d83940510d3a7a25113

  • SHA1

    60fbca80eb128270a0ec10856b56169423511a4b

  • SHA256

    e2d233597da5594e1e851f8edf267743fbd452e4c1b13e4378ec37e8af33fcc7

  • SHA512

    6bd23ff139f835907c5fb400c96ad7366d14d929b0d1f829565a8e0acc10bad1edcf8fd4666ed63d5f5574ed1f9bab7f9409fdad5c067cf2fe34afcd5096e878

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1584
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2616
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    1bebc6bf5af16ff767c8ba167de73569

    SHA1

    d99fd91b134f81c56eedb464874119bd670216d8

    SHA256

    ce498326fd3c4ce82acc94d8a14f99ab66f6f6690b27c93ed828e56ab3c8857b

    SHA512

    c44ab8f430944dde2626674575dbf95679e224769353dc377c19d25e3fc884708779deb1395119cee5bbd92ba2080ff31fe99917aef84cc4969490539518a684

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.