Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
23/01/2024, 16:48
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe
-
Size
811KB
-
MD5
79f134f22883f8a3640412daa1ffa54c
-
SHA1
be62ac2fe5b65326aace6452eb721599607a8382
-
SHA256
c9ad79a2557c43fd6dc508b707cf6a06c2c75067bc088f4729bd1dc3f96d0c3e
-
SHA512
036bc2589701a1bb0e0af8a3f5e1d96a19b6bf3a33d6375f1af25738e89a9c945ae10ee021637a7c7710e65bb6fbfce6229f543b59f60610084f9f7dded7bd58
-
SSDEEP
12288:xFkJaeEGo9S5d4K0GsAk7IOe+PrAtREB+c3xUOBhh3sGhfmGLpqQQ6RL5DSyt:PkJl4n7AEeUMHEt3ac3sCtLm4DS
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe 3168 Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: 33 2504 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 2504 AUDIODG.EXE
Processes
-
C:\Users\Admin\AppData\Local\Temp\Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe"C:\Users\Admin\AppData\Local\Temp\Batman_Arkham Origins v1.0-Update 1 Plus 20 Trainer.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
PID:3168
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x2f8 0x4141⤵
- Suspicious use of AdjustPrivilegeToken
PID:2504
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
89B
MD5348beb1303020f7b1a6e904441419fe3
SHA13c2b039e85dd032e08be7626da1630edeff18fff
SHA2569b40d323a1bf0d36fd82dbd36784602e69107073507e8960ebe6c691dbcbda82
SHA512ec12127abc419484b65ebf60eead4b3d2289ead50d6879d664bf6e053050326b199a59f216855b631bc813b0e6cddd5e9640e53e70fd9eb1301646d1bc83850e