Resubmissions

12/01/2025, 13:45

250112-q2d1jsvkav 10

15/08/2024, 09:01

240815-ky8g4avejg 10

Analysis

  • max time kernel
    133s
  • max time network
    136s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64, arch:x86, image:win10-20240404-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    15/08/2024, 09:01

General

  • Target

    Decompiler V.2.4.rar

  • Size

    73.8MB

  • MD5

    86961889e1eb75e6f5ec6f96df826862

  • SHA1

    989727abc34182c44b5ba75e6b38fe11d7960896

  • SHA256

    10d68e96b17fe89e1672bb3df965728067c38107ea3c988dbf0210248fc4d1e6

  • SHA512

    ec42988d129a3d6775a75d7afe4b3c6b1430ccc375319ecd872e32d1299d6ba5dbeff0ebdb1f5e966d38d930f094f7de76bc55061a07fd12f3ad36de9b7db636

  • SSDEEP

    1572864:IotHuxPhVvnYn9mikbh3FtuxRZwe74rE0mBS+vxy0DWVjivURo9V7A6:IoF0rvnYn9HY2Se1B1vhWV8
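
Before doing anything with a local copy of this archive, confirm it is the same file the report describes. The script below is an added example written for this page, not tria.ge's own code: it parses the report's flattened hash layout ("• MD5", blank line, value) from a constructed excerpt (REPORT_SNIPPET), streams a file through all four hashers in one pass so the 73.8 MB archive is never fully loaded, and lists any digest that disagrees. The file path on the command line and the script name verify_sample.py are assumptions.

```python
"""Verify a local copy of the sample against the digests in this report (added example)."""
import hashlib
import re
import sys
from typing import Dict, Iterable, Tuple

# Digests copied from the "General" section of the report above.
REPORTED: Dict[str, str] = {
    "md5": "86961889e1eb75e6f5ec6f96df826862",
    "sha1": "989727abc34182c44b5ba75e6b38fe11d7960896",
    "sha256": "10d68e96b17fe89e1672bb3df965728067c38107ea3c988dbf0210248fc4d1e6",
    "sha512": (
        "ec42988d129a3d6775a75d7afe4b3c6b1430ccc375319ecd872e32d1299d6ba5"
        "dbeff0ebdb1f5e966d38d930f094f7de76bc55061a07fd12f3ad36de9b7db636"
    ),
}

# Hex length of each digest; used to build the hashers and to validate parsed values.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Constructed excerpt in the same flattened layout as the report page, so the
# parser can be exercised offline. SSDEEP is present but deliberately ignored.
REPORT_SNIPPET = """\
  • MD5

    86961889e1eb75e6f5ec6f96df826862

  • SHA1

    989727abc34182c44b5ba75e6b38fe11d7960896

  • SHA256

    10d68e96b17fe89e1672bb3df965728067c38107ea3c988dbf0210248fc4d1e6

  • SHA512

    ec42988d129a3d6775a75d7afe4b3c6b1430ccc375319ecd872e32d1299d6ba5dbeff0ebdb1f5e966d38d930f094f7de76bc55061a07fd12f3ad36de9b7db636

  • SSDEEP

    1572864:IotHuxPhVvnYn9mikbh3FtuxRZwe74rE0mBS+vxy0DWVjivURo9V7A6:IoF0rvnYn9HY2Se1B1vhWV8
"""


def parse_report_hashes(text: str) -> Dict[str, str]:
    """Return {algo: hex} for each MD5/SHA1/SHA256/SHA512 label in the flattened report text.

    A value is accepted only if the first non-empty line after the label is a hex
    string of exactly the expected length, so a truncated digest is dropped
    instead of being silently compared.
    """
    lines = [ln.strip() for ln in text.splitlines()]
    found: Dict[str, str] = {}
    for i, ln in enumerate(lines):
        algo = ln.lstrip("•").strip().lower()
        if algo not in HEX_LEN:
            continue
        value = next((nxt for nxt in lines[i + 1:] if nxt), "")
        if re.fullmatch(r"[0-9a-fA-F]{%d}" % HEX_LEN[algo], value):
            found[algo] = value.lower()
    return found


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Compute all four digests in a single pass over the data."""
    hashers = {algo: hashlib.new(algo) for algo in HEX_LEN}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file in 1 MiB chunks so a large archive is not read into memory at once."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return digest_chunks(chunks())


def mismatches(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Return {algo: (actual, expected)} for every expected digest that does not match (case-insensitive)."""
    return {
        algo: (actual.get(algo, ""), exp.lower())
        for algo, exp in expected.items()
        if actual.get(algo, "").lower() != exp.lower()
    }


if __name__ == "__main__":
    # Assumed usage: python verify_sample.py "Decompiler V.2.4.rar"
    expected = parse_report_hashes(REPORT_SNIPPET)
    bad = mismatches(digest_file(sys.argv[1]), expected)
    for algo, (got, want) in bad.items():
        print(f"{algo}: got {got} want {want}")
    sys.exit(1 if bad else 0)
```

The parser checks digest length rather than trusting whatever follows the label, and the comparison is case-insensitive, since other tools print upper-case hex; a non-zero exit lets the check gate a pipeline step.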

Score
3/10

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)

    Registry writes under a Classes key (shell file-association data); raised by cmd.exe and OpenWith.exe in the process list below.

  • Suspicious use of SetWindowsHookEx (1 IoC)

    A Windows message hook is installed; raised by OpenWith.exe below, not by anything from inside the archive.

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Decompiler V.2.4.rar"
    PID: 164
    • Modifies registry class
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    PID: 2716
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    PID: 2704

  All three processes are Windows shell components. The sandbox handed the .rar to cmd /c, which defers to the shell file association; OpenWith.exe (the "How do you want to open this file?" prompt) appearing indicates that no archiver was associated with .rar on this image, so nothing inside the archive was extracted or executed during the run. The signatures above describe the behaviour of these shell processes, not of the archive's contents, which should be kept in mind when reading the 3/10 score.
