Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

XMT2_Win_S...28.exe

windows7-x64

7

XMT2_Win_S...28.exe

windows10-2004-x64

7

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...r2.dll

windows7-x64

4

res/driver...r2.dll

windows10-2004-x64

3

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...r2.dll

windows7-x64

4

res/driver...r2.dll

windows10-2004-x64

1

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...09.dll

windows7-x64

1

res/driver...09.dll

windows10-2004-x64

1

res/driver...r2.dll

windows7-x64

3

res/driver...r2.dll

windows10-2004-x64

3

res/driver...df.exe

windows7-x64

7

res/driver...df.exe

windows10-2004-x64

7

res/driver...11.exe

windows7-x64

7

res/driver...11.exe

windows10-2004-x64

7

res/driver...07.dll

windows7-x64

4

res/driver...07.dll

windows10-2004-x64

4

res/driver...07.dll

windows7-x64

1

res/driver...07.dll

windows10-2004-x64

1

res/driver...er.dll

windows7-x64

4

res/driver...er.dll

windows10-2004-x64

4

res/driver...07.dll

windows7-x64

4

res/driver...07.dll

windows10-2004-x64

4

Analysis

  • max time kernel
    179s
  • max time network
    233s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/03/2024, 13:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XMT2_Win_Setup_20.7.28.exe

  • Size

    91.3MB

  • MD5

    9a65af3199c6a9fc3820e7ec7c738e53

  • SHA1

    89368559de13cef61ebaea881b7385eaf9107932

  • SHA256

    fc16a73ee55b2a601b923eabf03c28180a7345f2d4e1da7dcdc9716a03ed5aa6

  • SHA512

    196015c9852f9e65da18bb6119971e637b8e1490661102f6616e6352f63409c9ef36f3035d8128813ba5eace88cf8c6d2f2f1c33a9c5a6e6022d7b6fcb6a3b40

  • SSDEEP

    1572864:xdEEo7QJ1cOW0IBV5CUX5Njm2gjvY2hhI+/1qE/wedzDZ6:xeH7QJ1wjI65BRqYQ+u7/wedzDZ6

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\XMT2_Win_Setup_20.7.28.exe
    "C:\Users\Admin\AppData\Local\Temp\XMT2_Win_Setup_20.7.28.exe"
    1⤵
    • Loads dropped DLL
    PID:436

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsg5E4.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    8d5a5529462a9ba1ac068ee0502578c7

    SHA1

    875e651e302ce0bfc8893f341cf19171fee25ea5

    SHA256

    e625dcd0188594b1289891b64debddeb5159aca182b83a12675427b320bf7790

    SHA512

    101da2c33f47bd85b8934318e0f0b72f820afc928a2a21e2c7823875e3a0e830f7c67f42b4c2f30596eaa073617790c89700c0d95b7949ec617e52800b61d462

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg5E4.tmp\System.dll
    Filesize

    11KB

    MD5

    b0c77267f13b2f87c084fd86ef51ccfc

    SHA1

    f7543f9e9b4f04386dfbf33c38cbed1bf205afb3

    SHA256

    a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77

    SHA512

    f2b57a2eea00f52a3c7080f4b5f2bb85a7a9b9f16d12da8f8ff673824556c62a0f742b72be0fd82a2612a4b6dbd7e0fdc27065212da703c2f7e28d199696f66e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg5E4.tmp\ioSpecial.ini
    Filesize

    732B

    MD5

    bb3e5a5d19350269961f759dd874f0e9

    SHA1

    6c4e69b540b9c22ec3aa3afdcf1e1e3a77eb17aa

    SHA256

    636c4dd6649dca08815d822a1176865e1935a3350206155fcb9efc0e4295ad93

    SHA512

    e37a07593a13ce7d3b3144b2a33747c2b102614e52b07cf199181665af211d338913311df49a473c5f88fe63e777e524bdfe986277d00b77f4a43f7a9b947c31

    Download Submit