Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

OTP Bypass...p-diff

ubuntu-18.04-amd64

1

OTP Bypass...p-diff

debian-9-armhf

1

OTP Bypass...p-diff

debian-9-mips

1

OTP Bypass...p-diff

debian-9-mipsel

1

OTP Bypass...p-grep

ubuntu-18.04-amd64

1

OTP Bypass...p-grep

debian-9-armhf

1

OTP Bypass...p-grep

debian-9-mips

1

OTP Bypass...p-grep

debian-9-mipsel

1

OTP Bypass...in.exe

windows7-x64

7

OTP Bypass...in.exe

windows10-2004-x64

7

OTP Bypass...up.exe

windows7-x64

7

OTP Bypass...up.exe

windows10-2004-x64

7

)-(��.pyc

windows7-x64

)-(��.pyc

windows10-2004-x64

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/04/2024, 18:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OTP Bypasser v1/login.exe

  • Size

    48.9MB

  • MD5

    3f021a743dfffaf6339507e764e11852

  • SHA1

    4a95d0a84fb633a715ff0db83c9b56db5a592a70

  • SHA256

    faeb443e13fda78ba26820c2be59d32ee1d7d59c0a9ead6978d2e113bcd25461

  • SHA512

    541eb6d6a8552947c552a20072292ce8c9c106b91b3e0ad6062b47a444d53e4b77ec4f9fbc173f32b3d5da88a5b0a7aaa4a25cd2ddb8f61c5ec816e8d5ddc9aa

  • SSDEEP

    393216:C94n6eQnJVgetJBRrnlPSa7KvMwGs4zGbdd7BRo:C9mQtrnlxmUNcL7v

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\OTP Bypasser v1\login.exe
    "C:\Users\Admin\AppData\Local\Temp\OTP Bypasser v1\login.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Users\Admin\AppData\Local\Temp\OTP Bypasser v1\login.exe
      "C:\Users\Admin\AppData\Local\Temp\OTP Bypasser v1\login.exe"
      2⤵
      • Loads dropped DLL
      PID:2912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22122\python311.dll
    Filesize

    1.6MB

    MD5

    93fbda093dcc8b7ce3bca1411757d7d8

    SHA1

    25c5035659aeb647fb7c5d9b82dd49dd685504c2

    SHA256

    233f4666110f88447382dc4726bd85161e749c6a0f77145e59018d24fd0e0eb5

    SHA512

    f4d7729897449ca2147cb92fc5bd4130279d4008c6c1a77f37110aa85c5bcf010995858a828e22a4633db8eda40586c53f504874b6205040ad5cb1df130e9f82

    Download Submit

  • memory/2912-103-0x000007FEF5E30000-0x000007FEF641A000-memory.dmp

    Filesize

    5.9MB

    Download