Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Resident E...er.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    40s
  • max time network
    49s
  • platform
    windows10-1703_x64
  • resource
    win10-20230915-es
  • resource tags

    arch:x64arch:x86image:win10-20230915-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    20/09/2023, 18:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Resident Evil 4 v1.0-v20230424 Plus 36 Trainer.exe

  • Size

    1.6MB

  • MD5

    bcacc9b5f549ea9f84b329bb2fdf9293

  • SHA1

    e5e6b61d29a99deb53d69ef72e1153bbf0beeb55

  • SHA256

    eabc658deece003f4e76ef76fd0932a0a2d91e63725bb11daf07dc7052689b76

  • SHA512

    86a385a22595129c3059c834a175c303b722f197a59a12bb96a96d01998ca0e8eff5a27552f4921745b7e015b98b4ad46b277099927af89249ce79b22b706483

  • SSDEEP

    24576:2inUIrP+Zeb+NKgNqRB+uCny6Dorar3QrLamx4wlKDSVXT5Xzwya:2iZGXN3IB+Tny6cGlwlfXT5Xzw1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Resident Evil 4 v1.0-v20230424 Plus 36 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\Resident Evil 4 v1.0-v20230424 Plus 36 Trainer.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\FLiNGTrainer\TrainerSettings.ini
    Filesize

    37B

    MD5

    a733986b23235e9df2ed8652044f4718

    SHA1

    a6b37ab6584096eee4e0bb79013773eb752bfe83

    SHA256

    e34c9e06cdd656e5b901c1eedd6d28aa595ceebd80e3c585218980fbd5a9c473

    SHA512

    635f58eed8f3af8e3b167b9b7825589e17f2aa638449961a11c4c54538c8d262fca7a35001dc3bd1a86aabe7030ddd03e66757aa6b3882ae7c8f99c8aa3389c6

    Download Submit

  • memory/4264-12-0x00000209A93C0000-0x00000209A93F8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4264-29-0x00007FFAFBB40000-0x00007FFAFC52C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/4264-7-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-8-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-9-0x00000209A9330000-0x00000209A9350000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4264-10-0x00000209A9320000-0x00000209A9328000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4264-6-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-13-0x00000209AA340000-0x00000209AA442000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4264-11-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-17-0x00000209AA280000-0x00000209AA2C6000-memory.dmp

    Filesize

    280KB

    Download

  • memory/4264-2-0x000002098CA60000-0x000002098CA94000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4264-30-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-31-0x00000209A50B0000-0x00000209A50C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4264-5-0x00007FFAFBB40000-0x00007FFAFC52C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/4264-41-0x00007FFAFBB40000-0x00007FFAFC52C000-memory.dmp

    Filesize

    9.9MB

    Download