Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
3BACeyeSetup.exe
windows7-x64
7BACeyeSetup.exe
windows10-2004-x64
7$PLUGINSDI...os.dll
windows7-x64
3$PLUGINSDI...os.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI..._3.exe
windows7-x64
7$PLUGINSDI..._3.exe
windows10-2004-x64
7$PLUGINSDI...64.exe
windows7-x64
7$PLUGINSDI...64.exe
windows10-2004-x64
7$PLUGINSDI...st.exe
windows7-x64
7$PLUGINSDI...st.exe
windows10-2004-x64
7$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...86.exe
windows7-x64
7$PLUGINSDI...86.exe
windows10-2004-x64
7AKSHLock.dll
windows7-x64
3AKSHLock.dll
windows10-2004-x64
3BACeye.Plu...ce.dll
windows7-x64
1BACeye.Plu...ce.dll
windows10-2004-x64
1BACeye.exe
windows7-x64
3BACeye.exe
windows10-2004-x64
7BACnetBaseLibrary.dll
windows7-x64
3BACnetBaseLibrary.dll
windows10-2004-x64
3BACnetObje...ry.dll
windows7-x64
3BACnetObje...ry.dll
windows10-2004-x64
3CSLabTools.dll
windows7-x64
3CSLabTools.dll
windows10-2004-x64
3CliBACnetWrapper.dll
windows7-x64
3CliBACnetWrapper.dll
windows10-2004-x64
3Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
06/08/2024, 08:26
Static task
static1
Behavioral task
behavioral1
Sample
BACeyeSetup.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
BACeyeSetup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240729-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/WinPcap_4_1_3.exe
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/WinPcap_4_1_3.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/dotNetFx40_Full_x86_x64.exe
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/dotNetFx40_Full_x86_x64.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/haspdinst.exe
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/haspdinst.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/vcredist_x86.exe
Resource
win7-20240704-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/vcredist_x86.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
AKSHLock.dll
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
AKSHLock.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
BACeye.Plugin.Interface.dll
Resource
win7-20240729-en
Behavioral task
behavioral22
Sample
BACeye.Plugin.Interface.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
BACeye.exe
Resource
win7-20240705-en
Behavioral task
behavioral24
Sample
BACeye.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
BACnetBaseLibrary.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
BACnetBaseLibrary.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
BACnetObjectLibrary.dll
Resource
win7-20240704-en
Behavioral task
behavioral28
Sample
BACnetObjectLibrary.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
CSLabTools.dll
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
CSLabTools.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
CliBACnetWrapper.dll
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
CliBACnetWrapper.dll
Resource
win10v2004-20240802-en
General
-
Target
BACeye.exe
-
Size
6.6MB
-
MD5
38ce82a78c215232f7980d7ff88b8705
-
SHA1
c04adca32f07d922b8a83fd7d5b3b2f6d4bdf936
-
SHA256
762a912b3b96762c92c80d30c879cd6688c921aca3c00a964cd2cfd699e1eabb
-
SHA512
e99965458dc1bf48f4348fde24825a5d3269b143a190bd965ab56181fa6826c8247e550dd8834198eceb29813034a4b73277ea7699c1f5bef07a45c14ec3b556
-
SSDEEP
49152:RDyO9PuUsfWky2iOxCqxKD+yUKn+3NWC8+gjMNaZz4s821LvsAD56Aor32T8Y/+u:dPuUDNOxCqxKD+34yaZz4sR9
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language BACeye.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6KB
MD5c1d7d55d9f6f44129edfd935f3b53304
SHA127c2319482cfe88d2ee11902a60be22946caab2f
SHA25633cfd4ea73c5af0909412a500466f3e1f7ec1db34de6c7f051539aa192ca8d19
SHA512658e4f017d0d4b79a50552e02e2da13c1531e635000555d5a47d71a04467ef451d7c7cd2e0c4a90251f7216e352cc0e15bc3e2085075824ea0fdaa5806f071b8