Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ps2_bios.zip

windows7-x64

1

ps2_bios.zip

windows10-2004-x64

1

PS2 Bios 3...al.mec

windows7-x64

3

PS2 Bios 3...al.mec

windows10-2004-x64

3

PS2 Bios 3...al.nvm

windows7-x64

3

PS2 Bios 3...al.nvm

windows10-2004-x64

3

PS2 Bios 3...al.bin

windows7-x64

3

PS2 Bios 3...al.bin

windows10-2004-x64

3

SCPH-70004...00.bin

windows7-x64

3

SCPH-70004...00.bin

windows10-2004-x64

3

SCPH-70004...0.erom

windows7-x64

3

SCPH-70004...0.erom

windows10-2004-x64

3

SCPH-70004...00.nvm

windows7-x64

3

SCPH-70004...00.nvm

windows10-2004-x64

3

SCPH-70004...0.rom1

windows7-x64

3

SCPH-70004...0.rom1

windows10-2004-x64

3

SCPH-70004...0.rom2

windows7-x64

3

SCPH-70004...0.rom2

windows10-2004-x64

3

rom1.bin

windows7-x64

3

rom1.bin

windows10-2004-x64

3

scph10000.nvm

windows7-x64

3

scph10000.nvm

windows10-2004-x64

3

scph10000.bin

windows7-x64

3

scph10000.bin

windows10-2004-x64

3

scph39001.mec

windows7-x64

3

scph39001.mec

windows10-2004-x64

3

scph39001.nvm

windows7-x64

3

scph39001.nvm

windows10-2004-x64

3

scph39001.bin

windows7-x64

3

scph39001.bin

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 12:56 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    scph10000.bin

  • Size

    4.0MB

  • MD5

    acf4730ceb38ac9d8c7d8e21f2614600

  • SHA1

    aea061e6e263fdcc1c4fdbd68553ef78dae74263

  • SHA256

    c4dad3b5c6ad58bce70a47fc332602880f041c0338ac6be89061c928f6919ab1

  • SHA512

    1ef01ab94d6c75b788ac7fc37f965b3db6c69003faca2a955784fd65c64d898a151d8129367fa42dff22da3377aa376c21c0f28318927998425fcdf74a81d0a1

  • SSDEEP

    49152:F0aOLlQM5NJucyhh5ETm8tXP/D4S7Z3540ze2TIMQfV6E:F0aYu/hh5x0V35xihBVV

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\scph10000.bin
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\scph10000.bin
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2740
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\scph10000.bin"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2532

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    0fb02a02fd91b3511abe624229b43585

    SHA1

    585f79e1b28942f1b67d23300db5e9e70eabecf0

    SHA256

    73cada57ae5fee14a37ea291f890d4bfed044c4ec5645fdf179f19ef15e8fa01

    SHA512

    b2216eebf5b35bd122351f756ab6a3de7aa615d9ad5172c56a6fab21e4faf39fbf8afcd13f467c3e07a88a7cb1e2c7d409a2cb53ebd08fe26e54db3bf5bd59be

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.