Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

PolyMC-Win....1.exe

windows7-x64

7

PolyMC-Win....1.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

1

$PLUGINSDI...gs.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

1

$PLUGINSDI...ec.dll

windows10-2004-x64

1

Qt6Charts.dll

windows7-x64

1

Qt6Charts.dll

windows10-2004-x64

1

Qt6Core.dll

windows7-x64

1

Qt6Core.dll

windows10-2004-x64

1

Qt6Core5Compat.dll

windows7-x64

1

Qt6Core5Compat.dll

windows10-2004-x64

1

Qt6Gui.dll

windows7-x64

1

Qt6Gui.dll

windows10-2004-x64

1

Qt6Network.dll

windows7-x64

1

Qt6Network.dll

windows10-2004-x64

1

Qt6OpenGL.dll

windows7-x64

1

Qt6OpenGL.dll

windows10-2004-x64

1

Qt6OpenGLWidgets.dll

windows7-x64

1

Qt6OpenGLWidgets.dll

windows10-2004-x64

1

Qt6Svg.dll

windows7-x64

1

Qt6Svg.dll

windows10-2004-x64

1

Qt6Widgets.dll

windows7-x64

1

Qt6Widgets.dll

windows10-2004-x64

1

Qt6Xml.dll

windows7-x64

1

Qt6Xml.dll

windows10-2004-x64

1

iconengine...on.dll

windows7-x64

1

iconengine...on.dll

windows10-2004-x64

1

imageformats/qgif.dll

windows7-x64

1

imageformats/qgif.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 04:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PolyMC-Windows-Setup-6.1.exe

  • Size

    35.7MB

  • MD5

    5bb2a28bb44d9033b2faa48f32da0808

  • SHA1

    30b5f1936b77874ec3cf698e0427164d67da48bc

  • SHA256

    a24c03e63449db0f994c715115c7648e88182888305be3554ef8f9a9215a0501

  • SHA512

    3f05d74741a5fc69f58ab33499ded5760c9af3ebd6d8b531259b5c45b51c9273e3a09c6a1fa12a3b0d8caa54476d212aa7bdda3f8a41bc987beef5255747bab5

  • SSDEEP

    786432:rO6WYUESAnXNJrFIwY/p/bMVrRYdi3UsGYBniW890Ker:rlWYIAn9AwYR/wVrRYM33G2ni9iX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PolyMC-Windows-Setup-6.1.exe
    "C:\Users\Admin\AppData\Local\Temp\PolyMC-Windows-Setup-6.1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:3064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsy1A07.tmp\nsDialogs.dll
    Filesize

    14KB

    MD5

    cf1d851a552068aaa0515ecbff6f40d2

    SHA1

    e2cb25ac6cee0712486c8c2a7e00250a89554ca5

    SHA256

    38192df38514cabdd22e08cba2b3d27aac774ac8090a0f326d441718f47a82c6

    SHA512

    b76b86b8866c5b5556c361878b128e1ff5010585c79b733df4548ee7344cdde409d647afb1e50cdf8d33d74595bc2b8fa971ba4b80e78d00670d085a1871d832

    Download Submit

  • memory/3064-10-0x000007FEFC060000-0x000007FEFC06D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/3064-9-0x0000000140000000-0x0000000140206000-memory.dmp

    Filesize

    2.0MB

    Download