Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0bd30f42b1...18.exe

windows7-x64

7

0bd30f42b1...18.exe

windows10-2004-x64

7

$PLUGINSDI...ge.dll

windows7-x64

1

$PLUGINSDI...ge.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...dt.dll

windows7-x64

1

$PLUGINSDI...dt.dll

windows10-2004-x64

1

7za.exe

windows7-x64

1

7za.exe

windows10-2004-x64

1

ChineseChess.exe

windows7-x64

3

ChineseChess.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...dt.dll

windows7-x64

1

$PLUGINSDI...dt.dll

windows10-2004-x64

1

aminstall.dll

windows7-x64

1

aminstall.dll

windows10-2004-x64

3

Components...s.html

windows7-x64

1

Components...s.html

windows10-2004-x64

1

eula.rtf

windows7-x64

4

eula.rtf

windows10-2004-x64

1

readme.rtf

windows7-x64

4

readme.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    79s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 01:35 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/InstallOptions.dll

  • Size

    12KB

  • MD5

    3c19f79ce11facc2fc4d3351dbb263e0

  • SHA1

    17f4bf4b18ea7700f70ac7d825dc997be0d25f71

  • SHA256

    cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9

  • SHA512

    05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273

  • SSDEEP

    192:Aq6dnSzJb/WHM9Vm8/FlW8pMFEi49xpkpIURnPehwbbHF1Quhcb:L6dnYbuH+3FlcmzWnW2bbMuO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\InstallOptions.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3132
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\InstallOptions.dll,#1
      2⤵
        PID:3520
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3520 -s 628
          3⤵
          • Program crash
          PID:4984
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3520 -ip 3520
      1⤵
        PID:3720

      Network

        No results found
      • 52.111.227.14:443
        322 B
         7
      No results found

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.