Resubmissions

07/07/2024, 12:33 UTC

240707-prjydasclk 3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/07/2024, 12:33 UTC

General

  • Target

    rom1.bin

  • Size

    195KB

  • MD5

    44552702b05697a14ccbe2ca22ee7139

  • SHA1

    47d2ec4b342649e4c391043ab915d4435f9d180d

  • SHA256

    41de2047af8382988bfd568035ff26eec5f1cabc3efe773680546aa00a82857d

  • SHA512

    28b02c3a83f6107aa277fd86da8e8bb8d7273ec76aab9090dbc2ebb7ce3d1ea2ae9d41973894cc904b0dadcdaf9d8f1d8ae4e49e506e2d46890184075b441d79

  • SSDEEP

    3072:6MP0Tk3xqZ7Ngv9DG+1iu/APblMy81qEjRGELgua:6K0dZ7Ngv9DGoiCqHAa

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\rom1.bin
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\rom1.bin
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2792
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\rom1.bin"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2216

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4f05a99a015a2134554faabab57c6bf9

    SHA1

    680e6aae6a6fc721d4e1d45adf71aa63a3d8078d

    SHA256

    0dbcadd7e5176a4ba09d59a4f0041e20a2b00fe6639bc496a67f5e4c6e4452c9

    SHA512

    fead1b796ad1c2fc5876d5dd68849eeb2ad5a240da94a5863b893743f5ee354da5963641f9e0637520889af4932a8d4b3d1de77d44481d3122733fa99c226969