Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Battly-Lau...er.exe

windows7-x64

7

Battly-Lau...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/02/2024, 15:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Battly-Launcher-win-installer.exe

  • Size

    87.5MB

  • MD5

    a58cebad2cd516aa270e545101989bb6

  • SHA1

    75384f9073c9df2dcc0d148c26e5ab1fd3e6ebc6

  • SHA256

    8eec3876044cf62a32504157496c36ec67cbd13cf96561b5a56b4b3bd2605841

  • SHA512

    fa49deb0827ae16f34aa8ed5f92c7d8f2f674a13b4164c417d7bc44f16d1863a36d060aeffec4dae7fd3bcc0c03200401d18fae0dfec4a6d90d9ba739fb0207b

  • SSDEEP

    1572864:ndc4v6Skl5L+Pe16OIb08t7oQwrCzDrelX+hefmUYL+RcN6kaWEgP:dc48l5yW16OIbhahrCbelOh+YLB6kg

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe
    "C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4300
    • C:\Users\Admin\AppData\Local\Temp\is-V7EQO.tmp\Battly-Launcher-win-installer.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-V7EQO.tmp\Battly-Launcher-win-installer.tmp" /SL5="$80236,90701607,832512,C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe"
      2⤵
      • Executes dropped EXE
      PID:4136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-V7EQO.tmp\Battly-Launcher-win-installer.tmp
    Filesize

    2.3MB

    MD5

    ffd53855b89ea88b045c0fb8ba2f4778

    SHA1

    88a337c69edfebca8434c5c7a91e12303cc59276

    SHA256

    df2d7c5ff3fdbbd0fd2cd88cc8d01614c023c58283111e2b3c31aa701beeba3c

    SHA512

    87d4876c2b6a9c22a51acd3af9401fa57c5876c51aa9fb49c1f2755835166c956029d8e338b5709db2e4cf85cad1869c3cf9e9c1e7a9a2727337062309b88fea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\is-V7EQO.tmp\Battly-Launcher-win-installer.tmp
    Filesize

    2.8MB

    MD5

    157ede265dea8f85b5b03a9fe44ecacb

    SHA1

    27f55998a2411dc6786db5a879e7938cd3602c4b

    SHA256

    0295e3be63cf53fab11f44b12350fa60c4f1e2a3a70dc785d290c5eb88fd5560

    SHA512

    fc57fe9795f06f416089583c87d72a5158510e3cce32209c06b3e1cbbf7cfab362928af17202449711f810c024c8ea894c748d91058a8accdf62df6614c5f645

    Download Submit

  • memory/4136-7-0x0000000000940000-0x0000000000941000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-9-0x0000000000400000-0x000000000071C000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/4300-0-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/4300-2-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/4300-8-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download