Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

de07a39f9b...d5.exe

windows7-x64

3

de07a39f9b...d5.exe

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...pt.dll

windows7-x64

1

$PLUGINSDI...pt.dll

windows10-2004-x64

1

$_5_.dll

windows7-x64

6

$_5_.dll

windows10-2004-x64

6

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/03/2024, 12:37 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_5_.dll

  • Size

    356KB

  • MD5

    7accdf78defcc6fbd31db53de740aa74

  • SHA1

    0f5f1ac818fde9190e13ce0cfb015f42256d5ccd

  • SHA256

    1cfa9761496b9769f493cb14c9f7307f047a4527632df525b04219ca30097843

  • SHA512

    10790d2797b486f8bc5fa5199d9a097cefd644eda7afe8827f650b8e55def75b6053d74d95e60fec93d789bf57ea9283c90db97b6d9eb511cafc2d70db49d028

  • SSDEEP

    6144:HCwTY1lbl1yyCBFz14U3PjDVNYnGrR+h+7ShZzTTBkTTRRa9M0RTgbpJRVdVa:HnE74Z11jvnrR+yWzTTeTTRRtWgra

Score
6/10
adwarestealer

Malware Config

Signatures

  • Installs/modifies Browser Helper Object 2 TTPs 2 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Modifies registry class 5 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\$_5_.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2920
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\$_5_.dll
      2⤵
      • Installs/modifies Browser Helper Object
      • Modifies registry class
      PID:1812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.