c4e6f9331755878841a23e1bc15def01e21a434f65c3ea5f978901faee26d13d

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

ch/Cheat Engine.exe

windows7-x64

ch/Cheat Engine.exe

windows10-2004-x64

ch/CheatEngine.chm

windows7-x64

ch/CheatEngine.chm

windows10-2004-x64

ch/DotNetD...32.exe

windows7-x64

ch/DotNetD...32.exe

windows10-2004-x64

ch/DotNetD...64.exe

windows7-x64

ch/DotNetD...64.exe

windows10-2004-x64

ch/libipt-32.dll

windows7-x64

ch/libipt-32.dll

windows10-2004-x64

ch/libipt-64.dll

windows7-x64

ch/libipt-64.dll

windows10-2004-x64

ch/libmikmod32.dll

windows7-x64

ch/libmikmod32.dll

windows10-2004-x64

ch/libmikmod64.dll

windows7-x64

ch/libmikmod64.dll

windows10-2004-x64

ch/lua53-32.dll

windows7-x64

ch/lua53-32.dll

windows10-2004-x64

ch/lua53-64.dll

windows7-x64

ch/lua53-64.dll

windows10-2004-x64

ch/luaclient-i386.dll

windows7-x64

ch/luaclient-i386.dll

windows10-2004-x64

ch/luaclie...64.dll

windows7-x64

ch/luaclie...64.dll

windows10-2004-x64

ch/plugins...ple.js

windows7-x64

ch/plugins...ple.js

windows10-2004-x64

ch/plugins...orm.js

windows7-x64

ch/plugins...orm.js

windows10-2004-x64

ch/plugins...rm.vbs

windows7-x64

ch/plugins...rm.vbs

windows10-2004-x64

ch/plugins...le.dll

windows7-x64

ch/plugins...le.dll

windows10-2004-x64

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20240508-es
resource tags

arch:x64arch:x86image:win7-20240508-eslocale:es-esos:windows7-x64systemwindows
submitted
05/07/2024, 14:11

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ch/Cheat Engine.exe

Resource

win7-20240221-es

windows7-x64

8 signatures

300 seconds

Behavioral task

behavioral2

Sample

ch/Cheat Engine.exe

Resource

win10v2004-20240704-es

windows10-2004-x64

8 signatures

300 seconds

Behavioral task

behavioral3

Sample

ch/CheatEngine.chm

Resource

win7-20240508-es

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral4

Sample

ch/CheatEngine.chm

Resource

win10v2004-20240704-es

windows10-2004-x64

9 signatures

300 seconds

Behavioral task

behavioral5

Sample

ch/DotNetDataCollector32.exe

Resource

win7-20240419-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral6

Sample

ch/DotNetDataCollector32.exe

Resource

win10v2004-20240508-es

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral7

Sample

ch/DotNetDataCollector64.exe

Resource

win7-20240704-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral8

Sample

ch/DotNetDataCollector64.exe

Resource

win10v2004-20240704-es

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral9

Sample

ch/libipt-32.dll

Resource

win7-20240508-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral10

Sample

ch/libipt-32.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral11

Sample

ch/libipt-64.dll

Resource

win7-20240704-es

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral12

Sample

ch/libipt-64.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral13

Sample

ch/libmikmod32.dll

Resource

win7-20240221-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral14

Sample

ch/libmikmod32.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral15

Sample

ch/libmikmod64.dll

Resource

win7-20240508-es

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral16

Sample

ch/libmikmod64.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral17

Sample

ch/lua53-32.dll

Resource

win7-20240508-es

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral18

Sample

ch/lua53-32.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral19

Sample

ch/lua53-64.dll

Resource

win7-20240419-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral20

Sample

ch/lua53-64.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral21

Sample

ch/luaclient-i386.dll

Resource

win7-20240704-es

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral22

Sample

ch/luaclient-i386.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral23

Sample

ch/luaclient-x86_64.dll

Resource

win7-20240704-es

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral24

Sample

ch/luaclient-x86_64.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral25

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExample.js

Resource

win7-20240508-es

execution

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral26

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExample.js

Resource

win10v2004-20240704-es

execution

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral27

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExampleForm.js

Resource

win7-20240705-es

execution

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral28

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExampleForm.js

Resource

win10v2004-20240704-es

execution

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral29

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExampleForm.vbs

Resource

win7-20240221-es

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral30

Sample

ch/plugins/c# template/CEPluginLibrary/PluginExampleForm.vbs

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral31

Sample

ch/plugins/c# template/CEPluginLibrary/bin/Release/CEPluginExample.dll

Resource

win7-20240705-es

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral32

Sample

ch/plugins/c# template/CEPluginLibrary/bin/Release/CEPluginExample.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

300 seconds

Report Analysis Logs

General

Target

ch/CheatEngine.chm
Size

299KB
MD5

bb80fec3b6e843b61859914480706cd9
SHA1

0ced874bee5bda6059b5195911aa117693d9d2de
SHA256

2d52f9d59211f8906ace16525721b1400343bdf720f062cf111d84089f129009
SHA512

78d8a024dabd111b59beea4dc21150c7fbb3a6924201d2f3ff9e720e4bbc967bbff285ba2064bc35c260ffde433c639fdc0252c47ae29b43398117eda21cf648
SSDEEP

6144:/UuFqUYSsTDiKebI7F03RPf2rB84daXcXrcURJo8tGgqQdB5+cbsQe/zQXE9LA2:tFhYSsnl0I7FG8S4daC/RGg1bnerQILf

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2737914667-933161113-3798636211-1000\Software\Microsoft\Internet Explorer\Main	hh.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2944	hh.exe
2944	hh.exe

Processes

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\ch\CheatEngine.chm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2944

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads