Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

setup.exe

windows7-x64

4

setup.exe

windows10-2004-x64

4

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/frapsv64.dll

windows7-x64

1

$SYSDIR/frapsv64.dll

windows10-2004-x64

1

$SYSDIR/frapsvid.dll

windows7-x64

1

$SYSDIR/frapsvid.dll

windows10-2004-x64

1

$TEMP/beepa.bmp

windows7-x64

3

$TEMP/beepa.bmp

windows10-2004-x64

7

HELP/help_fps.htm

windows7-x64

1

HELP/help_fps.htm

windows10-2004-x64

1

HELP/help_general.htm

windows7-x64

1

HELP/help_general.htm

windows10-2004-x64

1

HELP/help_movies.htm

windows7-x64

1

HELP/help_movies.htm

windows10-2004-x64

1

HELP/help_...ts.htm

windows7-x64

1

HELP/help_...ts.htm

windows10-2004-x64

1

README.htm

windows7-x64

1

README.htm

windows10-2004-x64

1

changes.txt

windows7-x64

1

changes.txt

windows10-2004-x64

1

fraps.exe

windows7-x64

9

fraps.exe

windows10-2004-x64

9

fraps32.dll

windows7-x64

1

fraps32.dll

windows10-2004-x64

1

fraps64.exe

windows7-x64

1

fraps64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/05/2024, 15:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    setup.exe

  • Size

    2.4MB

  • MD5

    d1be561690e1d91e515faf9581cf81a6

  • SHA1

    9fed9a02c3845ca78bd72319bbfcf5140e64a36a

  • SHA256

    7213f30970c9764e1e0f85f15125f9241cf2619fb4724d322b5fe6f8ee3d9da0

  • SHA512

    919e7bd14b65bf4fc778ce3409a92fdb5a59516cdb43d5dd3626ff2d18be9389951a289afe7453aeb6f8b9e314007c007a6f3bb7137f4fd167ce5688cebf28f5

  • SSDEEP

    49152:Ytavs+rX1wXzrf7XC4yY86lG8mFMRkoma4ftd0B8K4QH9SsmHFDTWU:Yn+j1wHzyb38mORkdtdCzdSsmHRTn

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\setup.exe"
    1⤵
    • Loads dropped DLL
    PID:4472

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsf4681.tmp\AdvSplash.dll
    Filesize

    6KB

    MD5

    13cc92f90a299f5b2b2f795d0d2e47dc

    SHA1

    aa69ead8520876d232c6ed96021a4825e79f542f

    SHA256

    eb1ca2b3a6e564c32677d0cdc388e26b74ef686e071d7dbca44d0bfa10488feb

    SHA512

    ff4e6e6e7104568fc85ef3a3f0494a5c7822a4ceaf65c584ad534f08f9a472a8d86f0a62f1f86343c61e2540b2254714b7ea43e4b312ff13d8271ff069386fa3

    Download Submit