Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

Backuptran...om.url

windows11-21h2-x64

3

Backuptran...up.exe

windows11-21h2-x64

4

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

archive.dll

windows11-21h2-x64

1

concrt140.dll

windows11-21h2-x64

1

imageforma...g4.dll

windows11-21h2-x64

1

libadb.dll

windows11-21h2-x64

1

libcrypto-1_1-x64.dll

windows11-21h2-x64

1

libcurl.dll

windows11-21h2-x64

1

libmobiledevice.dll

windows11-21h2-x64

1

libplist2.dll

windows11-21h2-x64

1

libssl-1_1-x64.dll

windows11-21h2-x64

1

msvcp140.dll

windows11-21h2-x64

1

sqlite_qt8.dll

windows11-21h2-x64

1

ucrtbase.dll

windows11-21h2-x64

1

usbaapl/usbaapl.sys

windows11-21h2-x64

1

usbaapl/usbaapl64.sys

windows11-21h2-x64

1

usbaapl/usbaaplrc.dll

windows11-21h2-x64

1

usbmuxd.exe

windows11-21h2-x64

1

vccorlib140.dll

windows11-21h2-x64

1

vcruntime140.dll

windows11-21h2-x64

1

Backuptran...us.exe

windows11-21h2-x64

1

Resubmissions

29/04/2024, 12:06

240429-n985jsaa46 4

Analysis

  • max time kernel
    91s
  • max time network
    93s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29/04/2024, 12:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)/Software Files/Setup.exe

  • Size

    16.0MB

  • MD5

    89828f9288f8366684b19779b93060c3

  • SHA1

    4d2a9ce8353f3c7e8613a2e2f3149329446e173f

  • SHA256

    26f7ffda7d482128cf645cc131426ddd12c0a935733a27f01de8ac0231b511af

  • SHA512

    1bda9657dbe1c9b4db1c232ca6ba1910d9440b003e2f96fb33581b143c76bffc057dbbd8db96e9bdf8eac8577e1980a5be1a89ddd77c7c2fb2136321b516c7e3

  • SSDEEP

    393216:FIjB/rSVX4FJH6KAu4nqy9k8OEv0SxTFS5MRjX:FABDxHADfVOK3oiR

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)\Software Files\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)\Software Files\Setup.exe"
    1⤵
    • Loads dropped DLL
    PID:4984

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nse4595.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse4595.tmp\System.dll
    Filesize

    11KB

    MD5

    c17103ae9072a06da581dec998343fc1

    SHA1

    b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    SHA256

    dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    SHA512

    d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse4595.tmp\ioSpecial.ini
    Filesize

    819B

    MD5

    68c3d1f90591ed530557d32ebc1f10b6

    SHA1

    a4a102bbead94a85b7807410b4497dffe7b0a093

    SHA256

    ffa7295424e37c92c9a0bdd896d6b694d719ebec37ac6d93c26883bd8ba771c3

    SHA512

    a9bf78d8a800859c989f68f269e429287b6e0050a40c00b40e0424f6e38b5abdf319b03fdff2237b7273191d3b7dc843291d38d792a62e0e9f42681b088e79dd

    Download Submit