Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
135s -
max time network
166s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
23/01/2024, 09:57
General
-
Target
Dealers Life 2 Pirata/DealersLife2.exe
-
Size
638KB
-
MD5
4fb6fca79936fa0905f25866b2367a09
-
SHA1
a4303900aeb1f85b434b339a71e365dcb47207ef
-
SHA256
7516f4065f79f4b45c79eea438426e28aa4c444dc0e189cdc245efd5df2b8fbf
-
SHA512
a6c8553e04da25ea26ad4e6baba803ab73ec758d24bea6e279ea91e0685236f03ff54969d1c5064eab38a10be8b5832d81d9f0859c11505364b4ebe4f6ddf687
-
SSDEEP
12288:9oCCAjH828z88p88tn88v88z8A8wgLeHD8T88r888f55o3nzWREXOw:6seLw6AOw
Malware Config
Signatures
-
Drops file in System32 directory 12 IoCs
-
Drops file in Windows directory 12 IoCs
-
Checks processor information in registry 2 TTPs 4 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\DealersLife2.exe"C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\DealersLife2.exe"1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe"C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe" --attach 3532 24408796733442⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe"C:\Users\Admin\AppData\Local\Temp\Dealers Life 2 Pirata\UnityCrashHandler64.exe" "3532" "2440879673344"3⤵
-
-
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x510 0x51c1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD587d48150cf8f09f360c3f1beae4b4ccd
SHA1b968692b8d370789b9cd657aa3263fc3207a6f29
SHA256ba36f87a595dea10e7feebb3335920a5d0a1fe207569279f29cd2a831a8b0af1
SHA512c71938bfa1d32b967acec7f11346a0207ab90be2218a4023e3e5b9aab680a442489fe86c85601d344a062d04a29e19d6c6bb9fa1f29209fa31711eb6f8758c91
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB