Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240802-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    18/08/2024, 07:57 UTC

General

  • Target

    Meta Quest Remote Desktop.pkg

  • Size

    48.7MB

  • MD5

    bb21bfa4aee377d087abafedb794057c

  • SHA1

    64c1f4321053f08515c8f68947be05367c3ea3b3

  • SHA256

    248742adf684bc3c06d0d78f3b0ee7edb43b0f63569f685d7c75c803bbb2fb17

  • SHA512

    c8b567355424e0bc6bdadd6ff620beb2a12c013c14c2e8fa5ad27ebb6b2245c2b9a7c029da3f74d161ca95f2e34728c28d4fd1b8fb405243ebf3957795695584

  • SSDEEP

    1572864:NKSHhb8tdqr+lN7JMAeFQ7CSdxE4T8dVjECe:BCp6FQ7bdi4sVgn

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Meta Quest Remote Desktop.pkg"
    • Modifies registry class
    PID:656
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3308

Network

MITRE ATT&CK Enterprise v15
