Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Rino's Dis...xe.xml

windows7-x64

1

Rino's Dis...xe.xml

windows10-1703-x64

1

Rino's Dis...xe.xml

windows10-2004-x64

1

Rino's Dis...xe.xml

windows11-21h2-x64

1

Rino's Dis...it.pdb

windows7-x64

3

Rino's Dis...it.pdb

windows10-1703-x64

3

Rino's Dis...it.pdb

windows10-2004-x64

3

Rino's Dis...it.pdb

windows11-21h2-x64

3

Rino's Dis...it.exe

windows7-x64

7

Rino's Dis...it.exe

windows10-1703-x64

10

Rino's Dis...it.exe

windows10-2004-x64

7

Rino's Dis...it.exe

windows11-21h2-x64

7

�l˷��&.pyc

windows7-x64

�l˷��&.pyc

windows10-1703-x64

�l˷��&.pyc

windows10-2004-x64

�l˷��&.pyc

windows11-21h2-x64

Rino's Dis...it.exe

windows7-x64

10

Rino's Dis...it.exe

windows10-1703-x64

10

Rino's Dis...it.exe

windows10-2004-x64

10

Rino's Dis...it.exe

windows11-21h2-x64

10

Resubmissions

14/03/2024, 10:26 UTC

240314-mgrjcsbh52 10

14/03/2024, 10:25 UTC

240314-mfxc8ahe7z 10

Analysis

  • max time kernel
    7s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    14/03/2024, 10:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Rino's Discord Account ToolKit/Rino's Discord Account ToolKit.pdb

  • Size

    37KB

  • MD5

    1b7793d953d507e4485773a501a287b7

  • SHA1

    01e3d15e1ec4a1ea575c2749c5df1adf4d79e7cb

  • SHA256

    afab8369e4387abd8620802be1481df2e5957834aee7d1604b120b2bc63029b1

  • SHA512

    4eba9e46a1e74cf3104fd170a59e0c234c194ce8e9e0f5f56d98afe7a51080433504713ee791090b5f5624f745ab8c145397d5c1e77023c3201c8130f1a785a8

  • SSDEEP

    768:bJlvT/BCXTX2fC4Kr0gC9KKnTSISGf45VjzxlrWcSZY:bJlvT/BCjqSYSy2xlrWcSZY

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Rino's Discord Account ToolKit\Rino's Discord Account ToolKit.pdb"
    1⤵
    • Modifies registry class
    PID:1904
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.