Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5d86f8a185...18.exe

windows7-x64

7

5d86f8a185...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/eula.html

windows7-x64

1

$PLUGINSDIR/eula.html

windows10-2004-x64

1

$PLUGINSDI...nt.exe

windows7-x64

1

$PLUGINSDI...nt.exe

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2024, 20:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/installhelper.dll

  • Size

    296KB

  • MD5

    599f9db17bc1bb21ae7d621ba18c7b0b

  • SHA1

    517982eded11fca77b619e6440f1a02e510b215e

  • SHA256

    02e43c366ddd5e2e6237292b232b09c0df993a88406079c202b3d865c472da4a

  • SHA512

    4451539b1fec010921338c170c2fc0197ce5ff019b87f1eba3ae6e779263ad210ff911d1a5108051c3010a53f0a29a3816c6fb3abe4ae19407e6c4ca008fba7c

  • SSDEEP

    6144:4aeBlMKhLJ1ijM23pzNUEAO+FjxvxnrSFDoDVOyfPA:EMwkM230ETWjxvB+VynA

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\installhelper.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\installhelper.dll,#1
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\INSTALLHELPER.LOG
    Filesize

    1KB

    MD5

    2673afadc88328acfc9305750a85a45c

    SHA1

    a259597337e8c3bad473c82852d7431a148ca719

    SHA256

    8bc0e708d36e255e9e64e5d7c096320e661cf24174eeed8d82e350ed9558cfe1

    SHA512

    309679f0eede70e9896043d32ebfd384f16f1a117fe80ce00865dae154253f7b42b46b040a17bcf5a8d6a445fa6f9d765c5ddb20a93abd439209ba1824c64203

    Download Submit

  • C:\INSTALLHELPER.LOG
    Filesize

    1KB

    MD5

    049210e26f017541669faa8b82817679

    SHA1

    a34efd2b9814f3ef5b4a760c5b3035ce3db6c566

    SHA256

    239544345a0abc136b66c45dee8d095ec6b0955e9e46974218e0f9efcf5e6871

    SHA512

    26e9f627102b47050ba319198defb35dd9ac01ba44c8943dd2ab6a8bdff0a46b18b3fa8d5c304c240b715c46f80f6e61b53d7157bac65c2bbaab788d5264a3da

    Download Submit

  • C:\INSTALLHELPER.LOG
    Filesize

    392B

    MD5

    377c4d4fe9417f46a4cc1a86b9a6bdcb

    SHA1

    02700ed88adf2b283afcb4cddf4678338b478848

    SHA256

    3f876fab5eb5c8588767e5b70d9765aa65d2c7de77a1bc1a4888a66d08f91672

    SHA512

    ec2f58d73bcbad99062c275697aee10ea43eaa32866bb5fb59f2b3c274bf93a6c53e3a11b9265972431d340718012a49c4be7408261543122e9c1a9cb5d72f99

    Download Submit