Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
22/08/2024, 21:37
240822-1gmr3a1grm 722/08/2024, 21:34
240822-1ev1nayfrb 822/08/2024, 16:43
240822-t797qaxdkb 822/08/2024, 16:40
240822-t6nbkaxcnh 8Analysis
-
max time kernel
298s -
max time network
276s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
22/08/2024, 21:37
General
-
Target
https://get.adobe.com/ru/reader/download?os=Windows+10&name=Reader+2024.002.21005+Russian+Windows%2864Bit%29&lang=ru&nativeOs=Windows+10&accepted=cr&declined=mss&preInstalled=&site=landing
Score
7/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://get.adobe.com/ru/reader/download?os=Windows+10&name=Reader+2024.002.21005+Russian+Windows%2864Bit%29&lang=ru&nativeOs=Windows+10&accepted=cr&declined=mss&preInstalled=&site=landing1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3868,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=4968 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3872,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=1304 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5436,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5444,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=5452 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5644,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=5920 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=5924,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=5984 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5912,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=6120 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=7232,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=7240 /prefetch:81⤵
-
C:\Users\Admin\Downloads\Reader_ru_install.exe"C:\Users\Admin\Downloads\Reader_ru_install.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6336,i,8548254608087149642,10333768245962368401,262144 --variations-seed-version --mojo-platform-channel-handle=6288 /prefetch:81⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.5MB
-
Filesize
4.5MB