Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 14:41 UTC

General

  • Target

    MerekV3.08 Lite/Merek Aimbot/README.md

  • Size

    752B

  • MD5

    f8238688955ceec65b8a30c8c803d942

  • SHA1

    e03ecc55bcf254bae6801cdb0d351854b21a7739

  • SHA256

    38c0d0c16fb615672b9c5635bfcdc569670deb4194d16fdb87585a7a813aac21

  • SHA512

    d55794aee2beae7e892b03843b3837ffd4de91f72b33054c9516e8c5434f106e732800a1ded9f40d3445f469fad808815695956fe374a6a0da927dda1175b740

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (9 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)
  • Suspicious use of WriteProcessMemory (7 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\MerekV3.08 Lite\Merek Aimbot\README.md"
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\MerekV3.08 Lite\Merek Aimbot\README.md
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2568
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\MerekV3.08 Lite\Merek Aimbot\README.md"
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2596

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a8dbaa91fbba92b1cbd8e01c761d4360

    SHA1

    ec212c930466061f3ecc00d36334994191c75019

    SHA256

    79a19189f45312fc6e4e49d536eb73f77c9350eaa243789befed2cadac0621de

    SHA512

    1bb09c39dd9958f1aa86eae510436a24866e9e1a0bf2975f3e249489843ec34e2f29230fdceea2e34e0a439eaa804f914b5b018c739b9ff7d40bac99f3a9217e
