Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Thief Simu...VH.xml

windows7-x64

1

Thief Simu...VH.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/06/2024, 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Thief Simulator 2 v1.2_Table v1.1_ColonelRVH.xml

  • Size

    42KB

  • MD5

    c6d7bf19f5c216a47beb26be2c3730b7

  • SHA1

    22a83b4dee0bd4b63d9b8e60a9d1d6326b313620

  • SHA256

    3a7da7559435335a57eae81bbc5cc6e08e2927953984c72046b6e494e84e7c0c

  • SHA512

    e10667c841f4d48ed965157dfb3333cd94b90b6f77a85e786979d0e7769dcf0012bc8af28a42e7f5c4229c0661c081b9788bd5d0b11ae95e9e0e17543d4aa2af

  • SSDEEP

    384:HjIatuzuhuluwuQuOaBfRUDVXMuUutveDGMuUuysMRQ0MuUu/temcMuUuUBNrMun:DIq0DGoCQOI6DkWYm

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Thief Simulator 2 v1.2_Table v1.1_ColonelRVH.xml"
    1⤵
      PID:1484

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1484-0-0x00007FFE76310000-0x00007FFE76320000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1484-1-0x00007FFEB632D000-0x00007FFEB632E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1484-2-0x00007FFEB6290000-0x00007FFEB6485000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1484-3-0x00007FFEB6290000-0x00007FFEB6485000-memory.dmp

      Filesize

      2.0MB

      Download