Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

GTA 5 Rex ...on.rar

windows7-x64

3

GTA 5 Rex ...on.rar

windows10-2004-x64

3

GTA 5 - St...ne.txt

windows7-x64

1

GTA 5 - St...ne.txt

windows10-2004-x64

1

GTA 5 - St...or.fkr

windows7-x64

3

GTA 5 - St...or.fkr

windows10-2004-x64

3

GTA 5 - St...gs.xml

windows7-x64

1

GTA 5 - St...gs.xml

windows10-2004-x64

1

GTA 5 - St...gs.xml

windows7-x64

1

GTA 5 - St...gs.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    25/11/2023, 06:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GTA 5 Rex Optimization.rar

  • Size

    296KB

  • MD5

    3b00c1dbc4c20a5a7267dd24a9eb3639

  • SHA1

    7c59b45666d2bfbcc377f0eb5ba54b91aec98127

  • SHA256

    259da693dd39c3d1b5405506769698d3c3e3ca6262396f7d2558ad326de72a8f

  • SHA512

    f6fbe74291ae8c17761968181b8d858442c0d021f8fa11c36ad702d1141780cf394e22569b9dc85126fdf297df7e2224926f3661a9c0d1a8207bcfa5c0a3801b

  • SSDEEP

    6144:SMMkFpTj+BW4Ex++bVqY08uAizdUxayR2dsOQK0xsAXW9nodWfTeuTYHx74:HTj+o4ExPVm8uBzdga82lEssW9nou6H2

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\GTA 5 Rex Optimization.rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\GTA 5 Rex Optimization.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2628
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\GTA 5 Rex Optimization.rar"
        3⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:2552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2552-24-0x000000013F790000-0x000000013F888000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2552-25-0x000007FEFB170000-0x000007FEFB1A4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2552-26-0x000007FEF64D0000-0x000007FEF6784000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2552-27-0x000007FEFBBD0000-0x000007FEFBBE8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2552-28-0x000007FEFB360000-0x000007FEFB377000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2552-29-0x000007FEFAFF0000-0x000007FEFB001000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-30-0x000007FEF7D10000-0x000007FEF7D27000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2552-31-0x000007FEF7CF0000-0x000007FEF7D01000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-32-0x000007FEF7CD0000-0x000007FEF7CED000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2552-33-0x000007FEF62D0000-0x000007FEF64D0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2552-34-0x000007FEF7B10000-0x000007FEF7B21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-35-0x000007FEF7AD0000-0x000007FEF7B0F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2552-36-0x000007FEF6F10000-0x000007FEF6F31000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2552-37-0x000007FEF6EF0000-0x000007FEF6F08000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2552-38-0x000007FEF6ED0000-0x000007FEF6EE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-39-0x000007FEF6EB0000-0x000007FEF6EC1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-40-0x000007FEF6A70000-0x000007FEF6A81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-41-0x000007FEF6A50000-0x000007FEF6A6B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2552-42-0x000007FEF6A30000-0x000007FEF6A41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-43-0x000007FEF62B0000-0x000007FEF62C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2552-44-0x000007FEF6260000-0x000007FEF6290000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2552-45-0x000007FEF51B0000-0x000007FEF625B000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2552-46-0x000007FEF4F60000-0x000007FEF4FC7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2552-47-0x000007FEF49B0000-0x000007FEF4A1F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/2552-48-0x000007FEF4990000-0x000007FEF49A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-49-0x000007FEF4930000-0x000007FEF4986000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2552-50-0x000007FEF4900000-0x000007FEF4928000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2552-51-0x000007FEF4890000-0x000007FEF48B4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2552-52-0x000007FEF4870000-0x000007FEF4887000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2552-53-0x000007FEF4840000-0x000007FEF4863000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2552-54-0x000007FEF4820000-0x000007FEF4831000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-55-0x000007FEF45D0000-0x000007FEF45E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-56-0x000007FEF45A0000-0x000007FEF45C1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2552-57-0x000007FEF4580000-0x000007FEF4593000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2552-58-0x000007FEF4510000-0x000007FEF4522000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-59-0x000007FEF4280000-0x000007FEF43BB000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2552-60-0x000007FEF3EC0000-0x000007FEF3EEC000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2552-61-0x000007FEF3D00000-0x000007FEF3EB2000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2552-62-0x000007FEF3C80000-0x000007FEF3CDC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2552-63-0x000007FEF3C60000-0x000007FEF3C71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-64-0x000007FEF3BC0000-0x000007FEF3C57000-memory.dmp

    Filesize

    604KB

    Download

  • memory/2552-65-0x000007FEF3BA0000-0x000007FEF3BB2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-66-0x000007FEF3960000-0x000007FEF3B91000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2552-67-0x000007FEF3840000-0x000007FEF3952000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2552-68-0x000007FEF3800000-0x000007FEF3835000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2552-69-0x000007FEF37D0000-0x000007FEF37F5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2552-70-0x000007FEF37B0000-0x000007FEF37C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-71-0x000007FEF3740000-0x000007FEF37A1000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2552-72-0x000007FEF3720000-0x000007FEF3731000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-73-0x000007FEF3700000-0x000007FEF3712000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-74-0x000007FEF36E0000-0x000007FEF36F3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2552-75-0x000007FEF3640000-0x000007FEF36DF000-memory.dmp

    Filesize

    636KB

    Download

  • memory/2552-76-0x000007FEF3620000-0x000007FEF3631000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-77-0x000007FEF3510000-0x000007FEF3612000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2552-78-0x000007FEF34F0000-0x000007FEF3501000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-79-0x000007FEF34D0000-0x000007FEF34E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-80-0x000007FEF34B0000-0x000007FEF34C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-81-0x000007FEF3490000-0x000007FEF34A2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-82-0x000007FEF3470000-0x000007FEF3488000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2552-83-0x000007FEF3450000-0x000007FEF3466000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2552-84-0x000007FEF3420000-0x000007FEF3449000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2552-85-0x000007FEF3400000-0x000007FEF3412000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2552-86-0x000007FEF33E0000-0x000007FEF33F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2552-87-0x000007FEF33C0000-0x000007FEF33D1000-memory.dmp

    Filesize

    68KB

    Download