Analysis

  • max time kernel
    13s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64
    arch:x86
    image:win7-20240704-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    03/08/2024, 04:19

General

  • Target

    OperaGXSetup (1).exe

  • Size

    3.1MB

  • MD5

    3ff24a81ae3cfe0f5bad2904240743d8

  • SHA1

    503599a23b1a77f7cd0e155791db2ef8acdcce37

  • SHA256

    c6dc697b68f4744bfd38cfd8f62e179fd236ecbbcb7e7555fdabd2d30dac9f73

  • SHA512

    1e9cf2a7371546d25180c1be3059b2f90f1018104b55214a83ea25b633a90151a80140bb6c7d18fd98501c0ee79865d8d6b68f3df7d8ea597bd0c92861d0fd41

  • SSDEEP

    49152:eNEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aSc:UEP1y3+0hgh6u/ZcTCP8BzONaSc

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\OperaGXSetup (1).exe
    "C:\Users\Admin\AppData\Local\Temp\OperaGXSetup (1).exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2288
    • C:\Users\Admin\AppData\Local\Temp\7zS0F897FC7\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zS0F897FC7\setup.exe --server-tracking-blob=NDFmYzkwMjMzMWM4NTY2MzA4YTQyYWYyMTg5N2YzM2RlNDYyMmQ4NWI0MzQ3MDVkOGQwZjk5YzkwYjM2Zjk5Njp7ImNvdW50cnkiOiJDQSIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9DQV9IVlJfV0VCXzM1NDYmZWRpdGlvbj1zdGQtMiZ1dG1fY29udGVudD0zNTQ2X2QyZjZjZDY5LTU4ODctNDlmZC04ZDAyLTVhNWZmOWYzN2JmNyZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImaHR0cF9yZWZlcnJlcj1odHRwcyUzQSUyRiUyRnd3dy5vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCUzRnV0bV9jb250ZW50JTNEMzU0Nl9kMmY2Y2Q2OS01ODg3LTQ5ZmQtOGQwMi01YTVmZjlmMzdiZjclMjZ1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fQ0FfSFZSX1dFQl8zNTQ2JTI2dXRtX2lkJTNENjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGIlMjZlZGl0aW9uJTNEc3RkLTImdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImZGxfdG9rZW49Mjk5MzI4NjUiLCJ0aW1lc3RhbXAiOiIxNzIyNDYwNjgwLjc5NTIiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fQ0FfSFZSX1dFQl8zNTQ2IiwiY29udGVudCI6IjM1NDZfZDJmNmNkNjktNTg4Ny00OWZkLThkMDItNWE1ZmY5ZjM3YmY3IiwiaWQiOiI2MTY5ODE0NDFjYjM0MTQ5YjgyMDIyNDZlMTIxMGZkYiIsImxhc3RwYWdlIjoib3BlcmEuY29tL2dldC9vcGVyYS1neCIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiJiMTg0MGJiMy0wZmZhLTQ4M2EtYjZiMC0wYTBiNmZjYTI3NzEifQ==
      2⤵
      • Executes dropped EXE
      PID:2188

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zS0F897FC7\setup.exe

    Filesize

    6.4MB

    MD5

    241331bede4cd250aeead156de3225c0

    SHA1

    4e6ebbfda62706203c7f3016d136560854841358

    SHA256

    b476f1c8521db36255a862af284f462eef77c4fd5233adb002137af7835f5e86

    SHA512

    9eb8f3970645315c73e80cea2af9364d8aa68d4e3383cdf21dd0393fc74857538639793e995a66b6bd58f086738981ffc364a06b23b129fab380d0e59532d712