Resubmissions

11/07/2024, 20:44 UTC

240711-zjbl5stbjk 7

11/07/2024, 20:30 UTC

240711-y939easfqk 7

Analysis

  • max time kernel
    80s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    11/07/2024, 20:44 UTC

General

  • Target

    lib/win32comext/shell/demos/explorer_browser.py

  • Size

    4KB

  • MD5

    08c7dc59991e5be6e404628ec51075da

  • SHA1

    4f0ea275c20dcd7f19026d507a942e8049c7158e

  • SHA256

    b01e549ef94be793919639547eb955d935261a9cc706545dc3b316193e41afb2

  • SHA512

    b20fe7fbeae777dc7ad51c2bfc6274542529fe461d3b7f2df6b3469f75760fe317e033b253b6885ca321030a14c94e6af11d4cfa19ece9b3c5c2d0466a107e47

  • SSDEEP

    96:WCfwjVwkBUxRB+DVbYy2X6JenZ02yiRcGJTQWaZNfmiGpcNIwi:WCf6BmkVb2RnLHvxaDeiHuwi

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\lib\win32comext\shell\demos\explorer_browser.py
    PID: 4116
    • Modifies registry class
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    PID: 5060
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx

Note on this tree: the target is a Python source file and the sandbox launched it with cmd /c, which hands the file to the shell rather than to an interpreter. No python.exe appears; the only child is OpenWith.exe started via COM (-Embedding), the stock Windows "How do you want to open this file?" dialog. That is consistent with the analysis image having no registered .py handler, so the script itself was never executed. The registry-class and SetWindowsHookEx hits come from that built-in dialog, not from the sample, which is why the low score should not be read as evidence about the file's behaviour.
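As an added example (not part of the tria.ge report or of pywin32), a PowerShell check an analyst can run on a Windows image to see what the shell would do with a given extension. It resolves the per-user UserChoice override, then the machine-wide HKCR association and that ProgId's open command, which is the lookup that decides whether `cmd /c file.py` starts an interpreter or falls through to OpenWith.exe. The function name `Get-ShellHandler` and the default `.py` extension are the example's own choices.

```powershell
# Added example, not from the tria.ge report. Resolve the shell handler for a
# file extension the way Explorer/ShellExecute does: per-user UserChoice first,
# then the machine-wide HKCR association, then that ProgId's "open" command.
param([string]$Extension = '.py')

function Get-ShellHandler {
    param([Parameter(Mandatory)][string]$Ext)

    $info = [ordered]@{ Extension = $Ext; UserChoice = $null; ProgId = $null; Command = $null }

    # Per-user override written by the "How do you want to open this file?" dialog
    $ucKey = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Ext\UserChoice"
    if (Test-Path $ucKey) {
        $info.UserChoice = (Get-ItemProperty -Path $ucKey).ProgId
    }

    # Machine-wide association: the default value of HKCR\<ext> names the ProgId
    $progId = $info.UserChoice
    if (-not $progId) {
        $extKey = "Registry::HKEY_CLASSES_ROOT\$Ext"
        if (Test-Path $extKey) {
            $progId = (Get-ItemProperty -Path $extKey).'(default)'
        }
    }
    $info.ProgId = $progId

    # The command line the shell would run for the "open" verb, if any
    if ($progId) {
        $cmdKey = "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
        if (Test-Path $cmdKey) {
            $info.Command = (Get-ItemProperty -Path $cmdKey).'(default)'
        }
    }

    [pscustomobject]$info
}

$handler = Get-ShellHandler -Ext $Extension
$handler | Format-List

if ($handler.Command) {
    Write-Output "Handler present: 'cmd /c file$Extension' would run -> $($handler.Command)"
} else {
    Write-Output "No open handler for $Extension on this image: the shell would show OpenWith.exe and the file itself would not execute."
}
```

Run it on the analysis VM before submitting interpreter-dependent samples; an empty Command means a cmd /c launch will only produce the OpenWith.exe dialog seen above. `cmd /c assoc .py` and `ftype` give the same answer for the machine-wide path but ignore the per-user UserChoice key.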

Network

MITRE ATT&CK Enterprise v15
