Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

underversebattles.exe

windows7-x64

7

underversebattles.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/vcre...15.exe

windows7-x64

7

$TEMP/vcre...15.exe

windows10-2004-x64

7

GMS-WinDev.dll

windows7-x64

1

GMS-WinDev.dll

windows10-2004-x64

1

NekoPresence_x64.dll

windows7-x64

1

NekoPresence_x64.dll

windows10-2004-x64

1

UnderverseBattles.exe

windows7-x64

1

UnderverseBattles.exe

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

gamepad_fo...us.dll

windows7-x64

1

gamepad_fo...us.dll

windows10-2004-x64

1

netlog/netlog.exe

windows7-x64

1

netlog/netlog.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2024, 23:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    underversebattles.exe

  • Size

    232.1MB

  • MD5

    8f1b45fafe36e57782652523a563764f

  • SHA1

    333d05376080eddc22aed18cc4fe20587e113127

  • SHA256

    ff4bacc28cf6eb2e123bb9ef5fc818ace9f83c3c398d2d9ab78b80c224cdb7ba

  • SHA512

    1cd0f0f5fdaaf3821063def6c724cb020bb0f27bf6ff71076618599c8dd58277f28a4e2a48b90aae753582b0c0828a0808f62e50f4d66a48669ae79adba9553b

  • SSDEEP

    6291456:bGoPivGw61yf3wP4R2YJuclwDkAROad0+P7CwHcHC2:bbAwP40YJuclwgAROQ7e8cHC2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\underversebattles.exe
    "C:\Users\Admin\AppData\Local\Temp\underversebattles.exe"
    1⤵
    • Loads dropped DLL
    PID:1916

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsg94CF.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    6f3098fb5f3db26f3bb84f5481109e39

    SHA1

    9270793e404cc42c6f5be1eb1eb4305f166c656d

    SHA256

    f90a0893c0b0ce2ae3f8bb65f383bf656ce33381d6cbac2b25a7d82b34fde9bd

    SHA512

    0462beae0fbd882dc0b6a09547a7959c051928b828e28125b433794de0258f90f3dec8f1920290f114970d2540a113224b8ab372fcee4dfe87f139be4ac0c0d1

    Download Submit