Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

Dealers Li...ch.zip

windows7-x64

1

Dealers Li...ch.zip

windows10-2004-x64

1

Dealers Li...ch.zip

ubuntu-18.04-amd64

Dealers Li...ch.zip

debian-9-armhf

Dealers Li...ch.zip

debian-9-mips

Dealers Li...ch.zip

debian-9-mipsel

Dealers Li...e2.exe

windows7-x64

1

Dealers Li...e2.exe

windows10-2004-x64

5

Dealers Li...e2.exe

ubuntu-18.04-amd64

Dealers Li...e2.exe

debian-9-armhf

Dealers Li...e2.exe

debian-9-mips

Dealers Li...e2.exe

debian-9-mipsel

Analysis

  • max time kernel
    120s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    23/01/2024, 09:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dealers Life 2 Pirata/DealersLife2.exe

  • Size

    638KB

  • MD5

    4fb6fca79936fa0905f25866b2367a09

  • SHA1

    a4303900aeb1f85b434b339a71e365dcb47207ef

  • SHA256

    7516f4065f79f4b45c79eea438426e28aa4c444dc0e189cdc245efd5df2b8fbf

  • SHA512

    a6c8553e04da25ea26ad4e6baba803ab73ec758d24bea6e279ea91e0685236f03ff54969d1c5064eab38a10be8b5832d81d9f0859c11505364b4ebe4f6ddf687

  • SSDEEP

    12288:9oCCAjH828z88p88tn88v88z8A8wgLeHD8T88r888f55o3nzWREXOw:6seLw6AOw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\DealersLife2.exe
    "C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\DealersLife2.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe
      "C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe" --attach 536 987136
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:2772
      • C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe
        "C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe" "536" "987136"
        3⤵
          PID:1544
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 536 -s 2044
        2⤵
          PID:3016

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\LocalLow\Abyte Entertainment\DealersLife2\Player.log
        Filesize

        13KB

        MD5

        1c5bb47a85c225f52860c3bd9dad707a

        SHA1

        f2a2f1dfff46e0927bd6157ad2018dd257ae0d18

        SHA256

        46b7631bfbbc146720b860a92eafe24f5b3c7e09a975857e012f93a02de0c324

        SHA512

        b4d315aa38d6a1cda0c2bd93084bbfcd69d88ea65eb9da2903315b990f66ae6bd830949270e3100ea622ff6303a10496cda605f32bf3983afd6a87a433864253

        Download Submit

      • memory/536-44-0x0000000062FA0000-0x0000000062FB0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-41-0x0000000063440000-0x0000000063450000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-6-0x0000000001E90000-0x0000000001EA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-19-0x00000000620F0000-0x0000000062100000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-22-0x000007FFFFEC0000-0x000007FFFFED0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-26-0x0000000062170000-0x0000000062180000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-29-0x0000000062C10000-0x0000000062C20000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-28-0x000007FEBDBB0000-0x000007FEBDBC0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-27-0x0000000062100000-0x0000000062110000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-34-0x000007FEBDBB0000-0x000007FEBDBC0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-36-0x0000000000330000-0x0000000000340000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-35-0x0000000062F80000-0x0000000062F90000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-38-0x0000000001E80000-0x0000000001E90000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-37-0x0000000000120000-0x0000000000130000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-40-0x0000000062FD0000-0x0000000062FE0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-39-0x0000000062F90000-0x0000000062FA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-0-0x0000000000330000-0x0000000000340000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-42-0x0000000063450000-0x0000000063460000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-5-0x0000000001E80000-0x0000000001E90000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-43-0x0000000063460000-0x0000000063470000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-1-0x0000000000120000-0x0000000000130000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-46-0x0000000064480000-0x0000000064490000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-45-0x0000000063570000-0x0000000063580000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-47-0x0000000064690000-0x00000000646A0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-51-0x000007FEBDBB0000-0x000007FEBDBC0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-53-0x00000000646A0000-0x00000000646B0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-52-0x0000000001E90000-0x0000000001EA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-54-0x00000000620F0000-0x0000000062100000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-55-0x0000000062170000-0x0000000062180000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-56-0x0000000062100000-0x0000000062110000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-57-0x0000000062C10000-0x0000000062C20000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-58-0x0000000062F80000-0x0000000062F90000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-59-0x0000000062F90000-0x0000000062FA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-60-0x0000000063570000-0x0000000063580000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-61-0x0000000064480000-0x0000000064490000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-62-0x0000000064690000-0x00000000646A0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-63-0x0000000001E90000-0x0000000001EA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-64-0x0000000000330000-0x0000000000340000-memory.dmp

        Filesize

        64KB

        Download

      • memory/536-65-0x0000000000120000-0x0000000000130000-memory.dmp

        Filesize

        64KB

        Download