Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

Cross Scene Final.glb

windows7-x64

3

Cross Scene Final.glb

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2024, 19:07 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Cross Scene Final.glb

  • Size

    70.0MB

  • MD5

    787e8040ca6fe9153af36077869c76a3

  • SHA1

    9784cec146ce2026e2c1fd6bb6122b0ee4213980

  • SHA256

    e6c58352096cf1056402dafd1b7cd91cd97dbaa9c0d5564357a8cff51bf859b6

  • SHA512

    7425b01f30c84d73dee11d2856e8e164cc317f79562031a1901cca6e384ab78c38aba06011139fd0590ddc1839544a597fc420270c33634816d2c825a34f7741

  • SSDEEP

    3::

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Cross Scene Final.glb"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Cross Scene Final.glb
      2⤵
      • Modifies registry class
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.