Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4103f3ac4d...18.exe

windows7-x64

7

4103f3ac4d...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$WINDIR/Sy...er.dll

windows7-x64

1

$WINDIR/Sy...er.dll

windows10-2004-x64

1

Cleaner.exe

windows7-x64

1

Cleaner.exe

windows10-2004-x64

1

Firewall.exe

windows7-x64

1

Firewall.exe

windows10-2004-x64

1

Resources/...op.htm

windows7-x64

1

Resources/...op.htm

windows10-2004-x64

1

Resources/...ty.htm

windows7-x64

1

Resources/...ty.htm

windows10-2004-x64

1

Sweeper.exe

windows7-x64

3

Sweeper.exe

windows10-2004-x64

3

Uninstaller.exe

windows7-x64

1

Uninstaller.exe

windows10-2004-x64

1

firewall.sys

windows7-x64

1

firewall.sys

windows10-2004-x64

1

foxiecoreu.dll

windows7-x64

6

foxiecoreu.dll

windows10-2004-x64

6

foxietoolbaru.dll

windows7-x64

6

foxietoolbaru.dll

windows10-2004-x64

6

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2024, 08:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sweeper.exe

  • Size

    380KB

  • MD5

    7cd2c463c22d951595bab50604e4361a

  • SHA1

    9abcf1b6fb98452b88bcb4ebaa14f28d920260ea

  • SHA256

    11ebc6c6f5b190bed312e647083e732d42cac4add6dfe9e9d222ec124f8f058b

  • SHA512

    846367bdd9a2a1a3a3ce541c851b6c51937692039cc2d5124f5a12e967c67a53c7583496979aafe73123420ba84eab06034b9ed0e87e35d8aa0cbc4531c75c5f

  • SSDEEP

    6144:UJQMK+wDFQvzzAK9JoDsG1KT01RjM759uF+xvtkqhC9ahrNprNdxTBHlejRFghha:NMK+wDFQvzzAK9JasG1KTaRM7LhxlhoV

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Sweeper.exe
    "C:\Users\Admin\AppData\Local\Temp\Sweeper.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1128

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads