Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ANGRY.ogg

windows7-x64

1

ANGRY.ogg

windows10-2004-x64

7

ANGRY_TEXT_BOX.ogg

windows7-x64

1

ANGRY_TEXT_BOX.ogg

windows10-2004-x64

7

Animation.json

windows7-x64

3

Animation.json

windows10-2004-x64

3

BF_Dialogue.png

windows7-x64

3

BF_Dialogue.png

windows10-2004-x64

3

BF_Dialogue.xml

windows7-x64

1

BF_Dialogue.xml

windows10-2004-x64

1

BOYFRIEND.png

windows7-x64

3

BOYFRIEND.png

windows10-2004-x64

3

BOYFRIEND.xml

windows7-x64

1

BOYFRIEND.xml

windows10-2004-x64

1

BOYFRIEND_DEAD.png

windows7-x64

3

BOYFRIEND_DEAD.png

windows10-2004-x64

3

BOYFRIEND_DEAD.xml

windows7-x64

1

BOYFRIEND_DEAD.xml

windows10-2004-x64

1

DADDY_DEAREST.png

windows7-x64

3

DADDY_DEAREST.png

windows10-2004-x64

3

DADDY_DEAREST.xml

windows7-x64

1

DADDY_DEAREST.xml

windows10-2004-x64

1

DISTORTO.ogg

windows7-x64

1

DISTORTO.ogg

windows10-2004-x64

7

GF_1.ogg

windows7-x64

1

GF_1.ogg

windows10-2004-x64

7

GF_2.ogg

windows7-x64

1

GF_2.ogg

windows10-2004-x64

7

GF_3.ogg

windows7-x64

1

GF_3.ogg

windows10-2004-x64

7

GF_4.ogg

windows7-x64

1

GF_4.ogg

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    170s
  • platform
    windows7_x64
  • resource
    win7-20231023-es
  • resource tags

    arch:x64arch:x86image:win7-20231023-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    07/11/2023, 13:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BF_Dialogue.png

  • Size

    527KB

  • MD5

    6cc63c387c1add7b7eac4b21d73c59f6

  • SHA1

    2757459e36f5fe787836e9cd9dd3dff0b948103e

  • SHA256

    5d7c8e4d67f34778df606dc7ceeb878603ef4e570ff899393e0f1441e4c3810c

  • SHA512

    04e6f5ca7bd6e53a11b76d030404bda55d5bc62e0131ce3291997e0ea6bdae90f4775308cb6d00b5a29b50a5e1fb445e876912eca2cd125e1b76a1415441036b

  • SSDEEP

    12288:z6aM76J7o0aB1PL6Q8K2GngVQVIRLIG5jBcpqgPizgwHh2O:zvqv1D61xZRLIIjBcpqgOgeV

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\BF_Dialogue.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2040-0-0x0000000001B50000-0x0000000001B51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2040-1-0x0000000001B50000-0x0000000001B51000-memory.dmp

    Filesize

    4KB

    Download