Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

AutoSettin...ck.bat

windows7-x64

7

AutoSettin...ck.bat

windows10-2004-x64

7

AutoSettin...ck.bat

windows7-x64

7

AutoSettin...ck.bat

windows10-2004-x64

7

AutoSettin...cs.bat

windows7-x64

7

AutoSettin...cs.bat

windows10-2004-x64

7

AutoSettin...rs.bat

windows7-x64

7

AutoSettin...rs.bat

windows10-2004-x64

7

AutoSettin...gs.bat

windows7-x64

1

AutoSettin...gs.bat

windows10-2004-x64

1

AutoSettin...7z.dll

windows7-x64

3

AutoSettin...7z.dll

windows10-2004-x64

3

AutoSettin...7z.exe

windows7-x64

1

AutoSettin...7z.exe

windows10-2004-x64

1

AutoSettin...er.exe

windows7-x64

1

AutoSettin...er.exe

windows10-2004-x64

1

AutoSettin...le.exe

windows7-x64

7

AutoSettin...le.exe

windows10-2004-x64

7

AutoSettin...PO.exe

windows7-x64

1

AutoSettin...PO.exe

windows10-2004-x64

1

AutoSettin...64.exe

windows7-x64

3

AutoSettin...64.exe

windows10-2004-x64

3

AutoSettin...86.exe

windows7-x64

7

AutoSettin...86.exe

windows10-2004-x64

7

AutoSettin...64.exe

windows7-x64

1

AutoSettin...64.exe

windows10-2004-x64

1

AutoSettin...86.exe

windows7-x64

1

AutoSettin...86.exe

windows10-2004-x64

1

AutoSettin...ks.ps1

windows7-x64

1

AutoSettin...ks.ps1

windows10-2004-x64

1

AutoSettin...ho.exe

windows7-x64

7

AutoSettin...ho.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    131s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 03:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoSettings/Files/Tools/Handle.exe

  • Size

    523KB

  • MD5

    2579df066d38a15be8142954a2633e7f

  • SHA1

    5f08cc1dfcbd277f607e01bbbfbb34996febd937

  • SHA256

    680327b39d67502103cc9ac8656564529c9a2765adbf563f3145589bcf87681b

  • SHA512

    e9fe542fbada4bad0218441aa12a1a8d05408fd6300d4cdeaec31ccc9b4bbaf70766defd42b7cc748f2cb0a04cb7138d4e993823051949567cd876ef32389030

  • SSDEEP

    6144:yfV+qzgQA7uQnHcjwlkEjA2ZZrTpnHqseZyTWSfbSRk4ewqK5u:yN1gQA7pHcKkQAY/beZDEK5u

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe
    "C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4196
    • C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle64.exe
      "C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe"
      2⤵
      • Executes dropped EXE
      PID:3104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle64.exe
    Filesize

    92KB

    MD5

    3b355f0e42f67c49f9a4bfad110a02b5

    SHA1

    3314530be5ed3e9787380728e9cbbef7a619af25

    SHA256

    0604c80e56b40dd82b98145ea09ac9b2f7e85b9bba94c1b040acefcd0bd54e2c

    SHA512

    f0ca961cba23499c6576c0f670f824f443a7db3a68b979000ffa3a977893b7b3179eb742862a84055361568dbaefaf1a80c5e3bff806cd0f5909133d440a47c1

    Download Submit