Analysis

  • max time kernel
    41s
  • max time network
    58s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/07/2024, 01:29

General

  • Target

    !!BEST TWEAKS/Registry _ Batch/EnableFSE.bat

  • Size

    449B

  • MD5

    55d6c6bc4bcb289fa38b279abae4cdd5

  • SHA1

    1b338d5b1f992e2a44e0a9bd52f6908f4ad44125

  • SHA256

    84000ccc7ea1a576cb5a35430b219bccc40b521eaf9befca0f06d3447720d5a3

  • SHA512

    a49109c49c52a9aae3738fc20bdd2ab5c990056b985dc0ee42b908f8b97356705b4d6b349c3d4bc4b865d954aed6daf3d03c4f5f7b0b56058ad3e9ee652e0548

Score
1/10

Malware Config

Signatures

  • Delays execution with timeout.exe 1 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\!!BEST TWEAKS\Registry _ Batch\EnableFSE.bat"
    • Suspicious use of WriteProcessMemory
    PID:956
    • C:\Windows\system32\reg.exe
      Reg.exe add "HKCU\System\GameConfigStore" /v "GameDVR_Enabled" /t REG_DWORD /d "0" /f
      PID:4952
    • C:\Windows\system32\reg.exe
      Reg.exe add "HKCU\System\GameConfigStore" /v "GameDVR_FSEBehaviorMode" /t REG_DWORD /d "2" /f
      PID:1472
    • C:\Windows\system32\reg.exe
      Reg.exe add "HKCU\System\GameConfigStore" /v "GameDVR_HonorUserFSEBehaviorMode" /t REG_DWORD /d "1" /f
      PID:4308
    • C:\Windows\system32\reg.exe
      Reg.exe add "HKCU\System\GameConfigStore" /v "GameDVR_DXGIHonorFSEWindowsCompatible" /t REG_DWORD /d "1" /f
      PID:4476
    • C:\Windows\system32\timeout.exe
      timeout 5
      • Delays execution with timeout.exe
      PID:224

Network

MITRE ATT&CK Matrix