Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

EldenRingF....0.exe

windows7-x64

1

EldenRingF....0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/03/2024, 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EldenRingFPSUnlockAndMore_v1.1.0.0.exe

  • Size

    393KB

  • MD5

    1fffda8835e3673aadb418b0fb2cf935

  • SHA1

    de5726a86abd86e80b123f5425857d7ce9b242f0

  • SHA256

    15ee24284cd11c49da02eb2ad1e55bba6c70d5d2ebe85859079872edaffd5a0c

  • SHA512

    6bbd74eca660a80d3375b939cbbc9bcc0a287942e8594129fadf46c12aaa8a1798242966faaca57fc6d79ab1ea6565e23ca652967b24747e61cd942993fde105

  • SSDEEP

    6144:qIw8okGbaLIT8yB2oFpgNTWOTsMFxIT8yB2QFpgvTWOTpMK:68UT8yBfLgNbFFiT8yBNLgvbuK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\EldenRingFPSUnlockAndMore_v1.1.0.0.exe
    "C:\Users\Admin\AppData\Local\Temp\EldenRingFPSUnlockAndMore_v1.1.0.0.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3420-0-0x000002498F1D0000-0x000002498F236000-memory.dmp

    Filesize

    408KB

    Download

  • memory/3420-1-0x00007FFD05130000-0x00007FFD05BF1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3420-2-0x00000249AB0F0000-0x00000249AB100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3420-3-0x00000249AB020000-0x00000249AB028000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3420-4-0x00000249AB0F0000-0x00000249AB100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3420-5-0x00000249AB0F0000-0x00000249AB100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3420-7-0x00000249AB300000-0x00000249AB30E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3420-6-0x00000249AE870000-0x00000249AE8A8000-memory.dmp

    Filesize

    224KB

    Download