Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

97647fadeb...18.exe

windows7-x64

7

97647fadeb...18.exe

windows10-2004-x64

7

$PLUGINSDI...se.dll

windows7-x64

3

$PLUGINSDI...se.dll

windows10-2004-x64

3

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ub.exe

windows7-x64

7

$PLUGINSDI...ub.exe

windows10-2004-x64

7

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...BL.rtf

windows7-x64

4

$PLUGINSDI...BL.rtf

windows10-2004-x64

1

$PLUGINSDI...CF.rtf

windows7-x64

4

$PLUGINSDI...CF.rtf

windows10-2004-x64

1

$PLUGINSDI...DS.rtf

windows7-x64

4

$PLUGINSDI...DS.rtf

windows10-2004-x64

1

$PLUGINSDI...PC.rtf

windows7-x64

4

$PLUGINSDI...PC.rtf

windows10-2004-x64

1

$PLUGINSDI...IM.rtf

windows7-x64

4

$PLUGINSDI...IM.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 19:37 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/dllstub.exe

  • Size

    145KB

  • MD5

    7aa4254f40175172892359532d75e686

  • SHA1

    1d6e5294beb14a33fb7af206703faebdb889b6e2

  • SHA256

    f2be7c620524d4a824c0c43ec794c893f0552c88b7eb298e780400db02626120

  • SHA512

    da40e2487aea15960c56e9bec06f6c7e146f102d7f10c56e419d96c9eeacdbcf9a185d8e47aef57e3a7177cd2bd42a587c79e31597b69a8c24df8cb135fc397a

  • SSDEEP

    3072:sgXdZt9P6D3XJINhDmvKywTpU4OuvnpB1xTZG5jk2kNhD8:se34ODmvKyw1U47BpZtND8

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\dllstub.exe
    "C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\dllstub.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:1660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsd8122.tmp\inetc.dll
    Filesize

    24KB

    MD5

    1efbbf5a54eb145a1a422046fd8dfb2c

    SHA1

    ec4efd0a95bb72fd4cf47423647e33e5a3fddf26

    SHA256

    983859570099b941c19d5eb9755eda19dd21f63e8ccad70f6e93f055c329d341

    SHA512

    7fdeba8c961f3507162eb59fb8b9b934812d449cc85c924f61722a099618d771fed91cfb3944e10479280b73648a9a5cbb23482d7b7f8bfb130f23e8fd6c15fb

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.