Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

OPP_Beta_Test_26.rar

windows7-x64

3

OPP_Beta_Test_26.rar

windows10-2004-x64

7

OPP/Assets...der.cs

windows7-x64

3

OPP/Assets...der.cs

windows10-2004-x64

3

OPP/Assets...shader

windows7-x64

3

OPP/Assets...shader

windows10-2004-x64

3

OPP/BoneFoot.png

windows7-x64

3

OPP/BoneFoot.png

windows10-2004-x64

3

OPP/BoneHead.png

windows7-x64

3

OPP/BoneHead.png

windows10-2004-x64

3

OPP/BoneLower.png

windows7-x64

3

OPP/BoneLower.png

windows10-2004-x64

3

OPP/BoneLowerArm.png

windows7-x64

3

OPP/BoneLowerArm.png

windows10-2004-x64

3

OPP/BoneLowerLeg.png

windows7-x64

3

OPP/BoneLowerLeg.png

windows10-2004-x64

3

OPP/BoneMiddle.png

windows7-x64

3

OPP/BoneMiddle.png

windows10-2004-x64

3

OPP/BoneUpper.png

windows7-x64

3

OPP/BoneUpper.png

windows10-2004-x64

3

OPP/BoneUpperArm.png

windows7-x64

3

OPP/BoneUpperArm.png

windows10-2004-x64

3

OPP/BoneUpperLeg.png

windows7-x64

3

OPP/BoneUpperLeg.png

windows10-2004-x64

3

OPP/Catego...der.cs

windows7-x64

3

OPP/Catego...der.cs

windows10-2004-x64

3

OPP/Charac...er.png

windows7-x64

3

OPP/Charac...er.png

windows10-2004-x64

3

OPP/Charac...rm.png

windows7-x64

3

OPP/Charac...rm.png

windows10-2004-x64

3

OPP/Charac...-1.png

windows7-x64

3

OPP/Charac...-1.png

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23/02/2024, 14:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OPP/CategoryBuilder.cs

  • Size

    1KB

  • MD5

    abb5fe3f0cdfcd47dab132781edae13f

  • SHA1

    f8a95ed41992da4bd9271a9fe49c18097ef5f17a

  • SHA256

    61390b6bd8a5f868e04fceb53f7cd46dd31050d3c3e7422d3d644505d3c80733

  • SHA512

    19edca7e7d61583adb949ef80a96e49bc5fe4affc6caf33d187029700fde259fa2e424f31ec46f20dfb6abca5cdb1aec11a7ac280e52dccd7dc6dcb01523ec9f

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: CmdExeWriteProcessMemorySpam 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\OPP\CategoryBuilder.cs
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:1320
    • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
      "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\OPP\CategoryBuilder.cs"
      2⤵
      • Suspicious behavior: CmdExeWriteProcessMemorySpam
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3c0a2a59497f2371275d318d7d9e5df7

    SHA1

    2b2677344ed773608b8a3414f8ab6e270814b8ae

    SHA256

    8391d7e3c4a5b1b995d3e491a11d0ffbefd8d683c66439d272a025c88e8669a9

    SHA512

    7b7b904127cc6f59d607bedfb0f7517be668eeb83d2f7651875f25b4700552c86857ae79c529fdd5fa1083b9a2f243408fb72bf081e8f60df2dcd99139b87c22

    Download Submit