Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

winamp551_...mb.exe

windows7-x64

7

winamp551_...mb.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...pi.exe

windows7-x64

1

$PLUGINSDI...pi.exe

windows10-2004-x64

1

Plugins/Gr...mp.dll

windows7-x64

1

Plugins/Gr...mp.dll

windows10-2004-x64

1

Plugins/Gr...mp.dll

windows7-x64

1

Plugins/Gr...mp.dll

windows10-2004-x64

1

Plugins/Gr...X3.dll

windows7-x64

3

Plugins/Gr...X3.dll

windows10-2004-x64

3

Plugins/Gr..._3.dll

windows7-x64

1

Plugins/Gr..._3.dll

windows10-2004-x64

3

Plugins/Gr...EX.dll

windows7-x64

1

Plugins/Gr...EX.dll

windows10-2004-x64

3

Plugins/Gr...X1.dll

windows7-x64

3

Plugins/Gr...X1.dll

windows10-2004-x64

3

Plugins/Gr...mp.dll

windows7-x64

1

Plugins/Gr...mp.dll

windows10-2004-x64

1

Plugins/Gr...mp.dll

windows7-x64

1

Plugins/Gr...mp.dll

windows10-2004-x64

1

Plugins/Gr...mp.dll

windows7-x64

1

Plugins/Gr...mp.dll

windows10-2004-x64

3

Plugins/ds...er.dll

windows7-x64

1

Plugins/ds...er.dll

windows10-2004-x64

1

Plugins/en...us.dll

windows7-x64

3

Plugins/en...us.dll

windows10-2004-x64

3

Plugins/enc_flac.dll

windows7-x64

1

Plugins/enc_flac.dll

windows10-2004-x64

1

Plugins/enc_lame.dll

windows7-x64

1

Plugins/enc_lame.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2024, 15:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugins/Gracenote/CddbMusicIDWinamp.dll

  • Size

    617KB

  • MD5

    911ddff53ece8229dc07cb0543a5dae2

  • SHA1

    2612f783a46f2fb6623aff2950e9b717cd098469

  • SHA256

    75bd07ca53efc912ad067e81a245a6ffa5250bdf2a43eb4c9a00cb031eabfd95

  • SHA512

    631d74e57a81752cdbbf710d0cf53ba2b2c0ceb309f560e50667c112335fe8621c851f9f529cecc11bd4e23db966cb64ab08f9d233dc2cfb7b5d00f820268d16

  • SSDEEP

    6144:GCbRkwtlowaq1L14d/Z9+VXATEorNsI2KviOIWi/a4ZsrlgCweALFow7q:p2wDowaq1L14d3DpRN2Kt1l5

Score
1/10

Malware Config

Signatures

  • Modifies registry class 64 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\Plugins\Gracenote\CddbMusicIDWinamp.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3140
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\Plugins\Gracenote\CddbMusicIDWinamp.dll
      2⤵
      • Modifies registry class
      PID:1148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads