Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

flstudio_w...50.exe

windows7-x64

4

flstudio_w...50.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    137s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 15:10 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    flstudio_win64_21.1.1.3750.exe

  • Size

    925.6MB

  • MD5

    30e6727eaec87bd7276f2b7e1180e531

  • SHA1

    b28c262435c5526d30be224246ceb5527f78f6b3

  • SHA256

    94d317af528ed1714c1f6df2347acf2f52acc9c3e22bd4e668bbdef33399f3d8

  • SHA512

    f127131b9b533146ca45007642aaf74d006c761c11894f3a719aad2414e04ee0cc5e384eedd961a227043ab87bc29afcb8bed827e1c8461aafd3ec62489f664f

  • SSDEEP

    12582912:0ozZdSUlJ/amvaZRPLoO4rIP9H39uW1YfmuSlKOx256aOYvki+dYKXwoCwzVAd2m:DnKmCZREvIPOWyOu3Ox2nMXwjwp/6XCe

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 13 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\flstudio_win64_21.1.1.3750.exe
    "C:\Users\Admin\AppData\Local\Temp\flstudio_win64_21.1.1.3750.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ILSetup.dll
    Filesize

    1.0MB

    MD5

    cd50c47c010aa1e6abd8bd8ce98fb8c5

    SHA1

    547e445c42b39041204c012f95e146ba7bb3442b

    SHA256

    1ea1404b5e14ee8572575d941ef27437a534b46aa1d23e112cf40f4144cbb7ca

    SHA512

    f4c54f3403633167572e36867a0e99164de2cafe873505922b055b65b63809729a89ab3df092a634d18fe2fb8d3d1060a908349ef61b88ff0750815347a4fa53

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\UserMgr.dll
    Filesize

    23KB

    MD5

    9210597fba3dfab3c69b1eb490205419

    SHA1

    6e3ca39043756ed1cceaf2d4853e7cb6be1c64cb

    SHA256

    7696c255014a543f720e189ab3fe48f62fcf43435465062649c96138eedb222f

    SHA512

    4877daefdd34725791fba7c8cc2d85c4e91080ca7787a71ee9ffde71704ac40799b891f03d1f1805a31af6ddc35e335f74c9d620e87d517670a378c001cffb06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    e2c04ba86a930d99bc04b5fd14a0cea6

    SHA1

    b80b6b2f1e66c6929f016fbeb0cd82f8abf0b883

    SHA256

    102960d2ae427b4949a5d3b31fde4cd8a5f76e6057eb824a19d887131ed7a41b

    SHA512

    4fd507c8beb01195276c8e2da25ed1932de8196a76c91eeefd369635b13325501d79e53646f733c3b495a766f35d626cb2bacdbae3a812fa31943ace305354db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    98b7bc5ba2d78162b587bbe2f3ae536a

    SHA1

    e261857a09500295b5e730c3ebd7aea8aec4907a

    SHA256

    a0fe6b0bdc9be8082daeefa5b1baae979560f97071cc3bef6e94a01e5e2e3615

    SHA512

    2c31253e69e5df0ba7b4a7586e8bcf8bf832b7083b6e66aee67a7dc694be44c77916cd92a1da4c7b45bf278e36008a8a0be4089410c9da88a9ea87a4e3ed03e3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ILSetup.dll
    Filesize

    1.0MB

    MD5

    cd50c47c010aa1e6abd8bd8ce98fb8c5

    SHA1

    547e445c42b39041204c012f95e146ba7bb3442b

    SHA256

    1ea1404b5e14ee8572575d941ef27437a534b46aa1d23e112cf40f4144cbb7ca

    SHA512

    f4c54f3403633167572e36867a0e99164de2cafe873505922b055b65b63809729a89ab3df092a634d18fe2fb8d3d1060a908349ef61b88ff0750815347a4fa53

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ILSetup.dll
    Filesize

    1.0MB

    MD5

    cd50c47c010aa1e6abd8bd8ce98fb8c5

    SHA1

    547e445c42b39041204c012f95e146ba7bb3442b

    SHA256

    1ea1404b5e14ee8572575d941ef27437a534b46aa1d23e112cf40f4144cbb7ca

    SHA512

    f4c54f3403633167572e36867a0e99164de2cafe873505922b055b65b63809729a89ab3df092a634d18fe2fb8d3d1060a908349ef61b88ff0750815347a4fa53

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\ILSetup.dll
    Filesize

    1.0MB

    MD5

    cd50c47c010aa1e6abd8bd8ce98fb8c5

    SHA1

    547e445c42b39041204c012f95e146ba7bb3442b

    SHA256

    1ea1404b5e14ee8572575d941ef27437a534b46aa1d23e112cf40f4144cbb7ca

    SHA512

    f4c54f3403633167572e36867a0e99164de2cafe873505922b055b65b63809729a89ab3df092a634d18fe2fb8d3d1060a908349ef61b88ff0750815347a4fa53

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    998189882c9f1be220c9faf0fd2bde15

    SHA1

    787d50c46c9a2a48565f684fabc7503aca8b0493

    SHA256

    f34385901206a3952fe2724edb3b0b123fd897119c774ab68c8745de6662d990

    SHA512

    e0c52ad851b476e7bcbadea8f993e5c6f9f70a9b46e2aebe8ee353a372b0bd5af95241240f880f49b9d91d240a4a2b7e7d2b7c8a18ca1654e607fa8d2772dfd6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\System.dll
    Filesize

    11KB

    MD5

    24523fe14bb9ba400a3950016b187915

    SHA1

    6ec152b4e4ac04038d4608a8a206070185116036

    SHA256

    c4aaf80e3990185eeb5ea56bf841dbf5f3d02269d715f3bfdfe8b54aa797a7b9

    SHA512

    ae73351d27109187f7c4e312bc30a165202f29d74c65dd0feaee75dab72b97d27c6482b1e95771063afec7e9f2ca03a27a11cd25e39228072b69c33fffef7257

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\UAC.dll
    Filesize

    14KB

    MD5

    adb29e6b186daa765dc750128649b63d

    SHA1

    160cbdc4cb0ac2c142d361df138c537aa7e708c9

    SHA256

    2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    SHA512

    b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsz8DB0.tmp\UserMgr.dll
    Filesize

    23KB

    MD5

    9210597fba3dfab3c69b1eb490205419

    SHA1

    6e3ca39043756ed1cceaf2d4853e7cb6be1c64cb

    SHA256

    7696c255014a543f720e189ab3fe48f62fcf43435465062649c96138eedb222f

    SHA512

    4877daefdd34725791fba7c8cc2d85c4e91080ca7787a71ee9ffde71704ac40799b891f03d1f1805a31af6ddc35e335f74c9d620e87d517670a378c001cffb06

    Download Submit

  • memory/2700-66-0x0000000003B30000-0x0000000003C3B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2700-14-0x0000000003B20000-0x0000000003C2B000-memory.dmp

    Filesize

    1.0MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.