Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

Luna-Grabb...der.py

windows7-x64

3

Luna-Grabb...der.py

windows10-2004-x64

3

Luna-Grabb...der.py

windows7-x64

3

Luna-Grabb...der.py

windows10-2004-x64

3

Luna-Grabb...una.py

windows7-x64

3

Luna-Grabb...una.py

windows10-2004-x64

3

Luna-Grabb...pam.py

windows7-x64

3

Luna-Grabb...pam.py

windows10-2004-x64

3

Luna-Grabb...ers.py

windows7-x64

3

Luna-Grabb...ers.py

windows10-2004-x64

3

Luna-Grabb...ard.py

windows7-x64

3

Luna-Grabb...ard.py

windows10-2004-x64

3

Luna-Grabb...les.py

windows7-x64

3

Luna-Grabb...les.py

windows10-2004-x64

3

Luna-Grabb...bug.py

windows7-x64

3

Luna-Grabb...bug.py

windows10-2004-x64

3

Luna-Grabb...der.py

windows7-x64

3

Luna-Grabb...der.py

windows10-2004-x64

3

Luna-Grabb...ord.py

windows7-x64

3

Luna-Grabb...ord.py

windows10-2004-x64

3

Luna-Grabb...ror.py

windows7-x64

3

Luna-Grabb...ror.py

windows10-2004-x64

3

Luna-Grabb...mes.py

windows7-x64

3

Luna-Grabb...mes.py

windows10-2004-x64

3

Luna-Grabb...ion.py

windows7-x64

3

Luna-Grabb...ion.py

windows10-2004-x64

3

Luna-Grabb...lox.py

windows7-x64

3

Luna-Grabb...lox.py

windows10-2004-x64

3

Luna-Grabb...hot.py

windows7-x64

3

Luna-Grabb...hot.py

windows10-2004-x64

3

Luna-Grabb...uct.py

windows7-x64

3

Luna-Grabb...uct.py

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2024, 05:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Luna-Grabber-main/options/Browsers.py

  • Size

    6KB

  • MD5

    91848f3d8e6ac6ccf90b83cfb87322cd

  • SHA1

    62632262210b6d13ebeefc36fdce92b011387868

  • SHA256

    1a9de3ad311b70cf37c3b6f1b9e77faaa38ca8b2e9e33046f824af2a20be1184

  • SHA512

    7b6d4db865e2383a6e27942302a4634018ffd933d9ba9d82c00b17ceec8ea3f68fcac0fbe756b2b00a00cbd4140385ef3b0f0734e18cd158feb4cf28b9aaaa5d

  • SSDEEP

    192:S8RI0pRHIG+abKcphGE3+OK1w81A7ln42:NRI0pRHIG+abKcph0w81A7K2

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2596
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    37c6ef18b30feba22af74508151017c0

    SHA1

    1a82e9785f4fa5f98812fa98cceaafaa68644fa2

    SHA256

    ad8a4880656fd06c2ee999d06a3781e844d81fc46c70d8419bb5bb1b6d60fa51

    SHA512

    10c0e7931dd8a324b1c16edcca85a4c5eef2130d73cbb39c455cf226d47bcf679863a3335b1998da2bc72bdcecad8943a2d38582326ca2a1fb527928eeabce38

    Download Submit