Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

62d3dd3d74...18.exe

windows7-x64

7

62d3dd3d74...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...վ.lnk

windows7-x64

3

$SMPROGRAM...վ.lnk

windows10-2004-x64

3

155�...վ.lnk

windows7-x64

3

155�...վ.lnk

windows10-2004-x64

3

BrixoutXP.exe

windows7-x64

1

BrixoutXP.exe

windows10-2004-x64

1

bass.dll

windows7-x64

1

bass.dll

windows10-2004-x64

1

config.vbs

windows7-x64

1

config.vbs

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2024, 10:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BrixoutXP.exe

  • Size

    300KB

  • MD5

    5caf58212b6ccd8c4d80d764f900de47

  • SHA1

    8e3d5701d4958efbc4e47a034f4a9bf7e41286a5

  • SHA256

    cce953a8ac0e8f0de05b68e5dfc8540a3a5a735c157a8ad5650168a501abc466

  • SHA512

    1946e602e01b007b7d559acb643ff9c75136911ac12652e03ddbb3c599ea7ccf38c20b8f91373e112c0e154cb57defb3af7bfa163f59df45c17c542468322916

  • SSDEEP

    6144:ebEKVrGI8P+YsInXAhgPU3zAsflPZ2AQ:eEKpnYFnXAhcMzAsNPb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BrixoutXP.exe
    "C:\Users\Admin\AppData\Local\Temp\BrixoutXP.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3464
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x510 0x504
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    3KB

    MD5

    289f15858d39590fbcd1ede87eef161e

    SHA1

    39413f5935a924c815a237a9a06be7fbccae8c90

    SHA256

    d7d1150da22d57fe87dff11e9d812dff793624ea74c2ff82ba802fc12e11aeee

    SHA512

    93d06a04a416d984bbefac77c82862c313fd3de91662d0f22a72d5ec756bbcf766395c264acda34c5d26812f0125d1673c88151489ffa387f21e5447d46adf6e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    4KB

    MD5

    7e8427f275399b80ab148ba8e8e06770

    SHA1

    5a2d6ca00a4078b4cd265702e1fa8f199482fd7f

    SHA256

    531d9be63bc417e354b4a06b65799e255e82a30aeb072c1ee0d0ffc895899e72

    SHA512

    1dc7d66b07dd7fc57c0d7593fbda154f069f5614a44b573c1fd0e0838be49f2f1b38902ea3c94b2d088ccfbf75ab313dba988ca5bb86bcea1545f423d65994ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    938B

    MD5

    bd4ba2e3851cbd491ce1d9491f71578e

    SHA1

    167e6d389c1e7cda8b15b98a57e462c89c53c38f

    SHA256

    b50057ad01608fc97d0972ba15ad69309703268ed284d0fb0a3ec332a873f9b0

    SHA512

    4c488d5428b219d826d8353b91e8574125dc05b9ebde3e9106329737e2619b558ba92b440d549d1cbeeb9b9e9e58a3253663a17529bbeec2014e079bb5addb64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    1KB

    MD5

    ac6aa15bb12783fef63d60ab82b1c49e

    SHA1

    29a3191640289bb99c8298785694499f0589d131

    SHA256

    b9203fd89a5dcc872d2fc17124b8c252d6662791b8ffc0f4f12e655284d68a5e

    SHA512

    f6e5bf9f6b16a48cd490f35d232480fd5d7637fcaabf03aae05c2759e996e691a0c38e35d0f8cf5552b853217667819ca9ae36ab68a7c583e994da0cc7b15c25

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    1KB

    MD5

    ad0ce5d4a854e73f70ac13daebad7f85

    SHA1

    c9bd3b7aaad2f94d749bc610160540a50d0d0807

    SHA256

    60dd40bca1261ef64ac006537964caf50cdc4805feecfbf56c591d2dde652677

    SHA512

    d57caf4f376f90afb3dc77038d365487ad7cb42e6deef42a6952aa990251b48b6c27841a84eb4d7e7ff6d3042b9198e62104944438bc05dcfab30abaa55a0873

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    2KB

    MD5

    919bb66d658f9a2070372f268f5e35a5

    SHA1

    19900a51f7f57fd77299a1265f5841cf1ba63e3d

    SHA256

    10ceb3954b0608d0e3473557bf377e79d1095f9c4e7be7cee55ea69ac2397c3e

    SHA512

    0130cf53d0a59d071a0760c6d6086d672147520b6069daa552ce52e1998dd384f9c4f771937fe4f8528bd633277028b78153985961b386d6b0d878f0924f82a3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\debug.log
    Filesize

    3KB

    MD5

    d02aef678eeb005c7362c3dd1b17a77a

    SHA1

    70ed5d2197995f9981ffa4433015e1e1f505330c

    SHA256

    779a6118197362bd62ea6bebff0fe7d97af10c0d5a0948cf2b0651c85a7406b2

    SHA512

    56ac3c6bfbc5f23a8ddde394db3824d004391b68e1f8886e0ce4e0017471d33089fb856ee08d132bfdf5730978827fa08bc43e48d287873d1e78d23d9b7c625a

    Download Submit

  • memory/3464-217-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-215-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-216-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-0-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-218-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-219-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-220-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-221-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-222-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-223-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-224-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-225-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-226-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-227-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3464-228-0x0000000010000000-0x000000001005A000-memory.dmp

    Filesize

    360KB

    Download