Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

CS2 Bhop_[...]_.exe

windows7-x64

7

CS2 Bhop_[...]_.exe

windows10-2004-x64

7

out.exe

windows7-x64

out.exe

windows10-2004-x64

Resubmissions

05/03/2024, 17:59

240305-wk7jesda7v 7

05/03/2024, 17:57

240305-wjrrksea33 7

Analysis

  • max time kernel
    10s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/03/2024, 17:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CS2 Bhop_[unknowncheats.me]_.exe

  • Size

    444KB

  • MD5

    ddfda1f4f000dd283aeacf61bbf09e94

  • SHA1

    dece52d7bcb5b25c216fc5b5edd66a80c2cac1e5

  • SHA256

    543a201d0a4ab2e487db61022719c3ccb74054c42f851b1582f41b2146c8ffa2

  • SHA512

    7a5f0cf34b84fec3774be35ea2f9f6e14414da692c6d8c66c7cf7be2d80a4243e058c488b74b7b7be0fb6bfa434d50f8e6a8e3ad45cba47c1309a554b6535c9e

  • SSDEEP

    12288:ofsVoCyy14HcQCOLD/JsShH2gTy88V9ibL:o0VoCdkcQhbF7yg

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 20 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CS2 Bhop_[unknowncheats.me]_.exe
    "C:\Users\Admin\AppData\Local\Temp\CS2 Bhop_[unknowncheats.me]_.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2692
  • C:\Windows\system32\taskmgr.exe
    "C:\Windows\system32\taskmgr.exe" /4
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2692-0-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2692-4-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2692-9-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-1-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2948-2-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-3-0x0000000140000000-0x00000001405E8000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2948-5-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-7-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-6-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-8-0x000000013F110000-0x000000013F21B000-memory.dmp

    Filesize

    1.0MB

    Download