Analysis
max time kernel: 615s
max time network: 1611s
platform: windows10-1703_x64
resource: win10-20240404-en
resource tags: arch:x64, arch:x86, image:win10-20240404-en, locale:en-us, os:windows10-1703-x64, system
submitted: 07/07/2024, 14:42
Static task: static1

Behavioral task: behavioral1
Sample: Discord-R4T.exe
Resource: win10-20240611-en
3 signatures
1800 seconds

Behavioral task: behavioral2
Sample: loader-o.pyc
Resource: win10-20240404-en
3 signatures
1800 seconds
General
Target: loader-o.pyc
Size: 104B
MD5: e25772901e4bdf1e73aee4d9be3daff1
SHA1: b3808c1b077d390f225edae8a741d77d876c66c4
SHA256: a69f40736e3d5bf7764a4e3eaa12f1152f48e44de795ca5a9659d988beb8ce63
SHA512: f75aad258dd0a2516a8fc0bcfb18b8ea7c51a2b81bc36fe6e697f1f5ab1c485775f8d503878097b9f5eefee28f2f0d0499b695689d845909983615b136e6aac1
Score: 3/10
Malware Config
Signatures

Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Modifies registry class (2 IoCs)
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings; Process: cmd.exe
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings; Process: OpenWith.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 2148; Process: OpenWith.exe