Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

HyperPlay-...1).exe

windows7-x64

4

HyperPlay-...1).exe

windows10-2004-x64

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

HyperPlay.exe

windows7-x64

1

HyperPlay.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dl.exe

windows7-x64

7

resources/...dl.exe

windows10-2004-x64

7

resources/...ry.exe

windows7-x64

7

resources/...ry.exe

windows10-2004-x64

7

resources/...d-0.js

windows7-x64

3

resources/...d-0.js

windows10-2004-x64

3

resources/...d-1.js

windows7-x64

3

resources/...d-1.js

windows10-2004-x64

3

resources/...d-2.js

windows7-x64

3

resources/...d-2.js

windows10-2004-x64

3

resources/...d-3.js

windows7-x64

3

Analysis

  • max time kernel
    86s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/09/2024, 18:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app.asar.unpacked/build/bin/win32/gogdl.exe

  • Size

    7.4MB

  • MD5

    4b18ed58b1a8c953f8a08a68a58b9a10

  • SHA1

    af85cfbcb655e491a31f2a8aa88b47224fa5d3f4

  • SHA256

    dcbfe8a0d102181c928fab9dadba0fd0b4f1a42d9ebaffe5520cbc84ed5d9c10

  • SHA512

    58b7b0e39c1446340b0c68db55f81da53c110883504b036ee30955ece637673e65d121c9dc201c8893217836ca7454171ccfd1f12ebd6fb34e83bcba3e163f64

  • SSDEEP

    196608:Hfp5vYL2Vmd6+DUrLZy7YM30Lzajwrp9/CNFWCV:fvYL2Vmd6mM0Gzajwr3y

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 19 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\build\bin\win32\gogdl.exe
    "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\build\bin\win32\gogdl.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1064
    • C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\build\bin\win32\gogdl.exe
      "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\build\bin\win32\gogdl.exe"
      2⤵
      • Loads dropped DLL
      PID:4776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\VCRUNTIME140.dll
    Filesize

    95KB

    MD5

    f34eb034aa4a9735218686590cba2e8b

    SHA1

    2bc20acdcb201676b77a66fa7ec6b53fa2644713

    SHA256

    9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

    SHA512

    d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_bz2.pyd
    Filesize

    85KB

    MD5

    b024a6f227eafa8d43edfc1a560fe651

    SHA1

    92451be6a2a6bfc4a8de8ad3559ba4a25d409f2e

    SHA256

    c0dd9496b19ba9536a78a43a97704e7d4bef3c901d196ed385e771366682819d

    SHA512

    b9edb6d0f1472dd01969e6f160b41c1e7e935d4eebcaf08554195eb85d91c19ff1bfbc150773f197462e582c6d31f12bd0304f636eb4f189ed3ed976824b283e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_ctypes.pyd
    Filesize

    125KB

    MD5

    a1e9b3cc6b942251568e59fd3c342205

    SHA1

    3c5aaa6d011b04250f16986b3422f87a60326834

    SHA256

    a8703f949c9520b76cb1875d1176a23a2b3ef1d652d6dfac6e1de46dc08b2aa3

    SHA512

    2015b2ae1b17afc0f28c4af9cedf7d0b6219c4c257dd0c89328e5bd3eee35e2df63ef4fccb3ee38e7e65f01233d7b97fc363c0eae0cfa7754612c80564360d6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_elementtree.pyd
    Filesize

    187KB

    MD5

    392453e4810d468aa04cf65f9318a23f

    SHA1

    2cb635189dede828cc5ba8f6cc4c571b3a3ae7c7

    SHA256

    0823eb435d8cb63c8adfb8b4bea759121ed79326d758357f8187369461455a64

    SHA512

    94d5bd79aef109a0120450109aa5afef3c0363a749aa3929ab9893bd0276023eb67d8fcb3aeeab8c3f961d55a40a75387227c638076ae226dcce3c1a4dd731b5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_hashlib.pyd
    Filesize

    64KB

    MD5

    69dc506cf2fa3da9d0caba05fca6a35d

    SHA1

    33b24abb7b1d68d3b0315be7f8f49de50c9bdcb6

    SHA256

    c5b8c4582e201fef2d8cb2c8672d07b86dec31afb4a17b758dbfb2cff163b12f

    SHA512

    0009ec88134e25325a47b8b358da0fed8bb34fe80602e08a60686f6029b80f4287d33adb66ef41435d11d6edff86a88916f776eeaf2d1cb72035783f109ca1ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_lzma.pyd
    Filesize

    160KB

    MD5

    77b78b43d58fe7ce9eb2fbb1420889fa

    SHA1

    de55ce88854e314697fa54703a2cd6cc970f3111

    SHA256

    6e571d93ce55d09583ec91c607883a43c1da3d4d36794d68c6ecd6bea4ab466a

    SHA512

    7b03b7d3f2fd9b51391de08e69ca9156a0232b56f210878a488b9d5a19492ab5880f45d9407331360fbe543a52c03d68f68da4387bf6a13b20ec903a7b081846

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_queue.pyd
    Filesize

    30KB

    MD5

    328e41b501a51b58644c7c6930b03234

    SHA1

    bc09f8b62fec750a48bafd9db3494d2f30f7bd54

    SHA256

    2782cf3c04801ede65011be282e99cd34d163b2b2b2333fd3147b33f7d5e72ab

    SHA512

    c6e6e6bca0e9c4e84f7c07541995a7ee4960da095329f69120ba631c3c3e07c0441cf2612d9dcc3d062c779aec7d4e6a00f71f57cc32e2a980a1e3574b67d248

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_socket.pyd
    Filesize

    79KB

    MD5

    cd56f508e7c305d4bfdeb820ecf3a323

    SHA1

    711c499bcf780611a815afa7374358bbfd22fcc9

    SHA256

    9e97b782b55400e5a914171817714bbbc713c0a396e30496c645fc82835e4b34

    SHA512

    e937c322c78e40947c70413404beba52d3425945b75255590dedf84ee429f685e0e5bc86ad468044925fbc59cf7ec8698a5472dd4f05b4363da30de04f9609a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\_ssl.pyd
    Filesize

    153KB

    MD5

    70014e88ecf3133b7be097536f77b459

    SHA1

    5d75675bb35ba6fae774937789491e051e62a252

    SHA256

    d318795c98c5f3c127c8e47220a92acba0736daf31bab0dc9c7e6c3513bb2aa3

    SHA512

    aa59b32c9164afca1b799e389c7087e95eeaa543790b6f590f9e30aa13b7fdb8cc83d0ef6351f0b578a4da636f4ca1e6dfe4558dcf3a813b744a80f7392aa462

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\base_library.zip
    Filesize

    1013KB

    MD5

    945473d8913d8ad065760cdfab37f584

    SHA1

    d22104edf1f42cac6b06c8c6b9b247b39b9e10e4

    SHA256

    e85375d06010b20615e7413688741ca16b608f487387684b1e4f6d73e4c003b8

    SHA512

    ecddc432b06d9195022721b7bf13eb2e93ca370715d50e6a77d653e8966a7a253acf37c554310a041bb0a49285b9fe1089489a74f7966c6a464db7e9b5089e28

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\charset_normalizer\md.cp39-win_amd64.pyd
    Filesize

    10KB

    MD5

    c4de5638d7cf59a01c768448c6bef89d

    SHA1

    4405bae0d6fc5502e32689d99e74abafd87f9588

    SHA256

    cd8f4e8f69c855042a8f36f68a1601d96f09568baff51f96decda4fa5aeb274d

    SHA512

    adbf18508988af7c081539110d1b2b2f3acdea0e63bd039ec94fc57b53464761abae1639ad21f6302465ddf8fed3b0f987d9300d457be2706f10b2a36d58bce9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\charset_normalizer\md__mypyc.cp39-win_amd64.pyd
    Filesize

    111KB

    MD5

    d67200e140f7226beda03e3fac5dbfce

    SHA1

    d09d0d558ca640d380ec463ef0c6acaaf800f12c

    SHA256

    ae2bdf86ce87b46bd557f7955ae4d018155e9bead7ccb63c65f359ae79fc5309

    SHA512

    d8fb745b85db89978b4abfa1ebd645bf837ed9bdec80ab647f31de0fc0a547112a893e3f76912445a367d289e57a080da25797ef8ead7cd18e1b3f6e4aaf8350

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\libcrypto-1_1.dll
    Filesize

    3.3MB

    MD5

    ab01c808bed8164133e5279595437d3d

    SHA1

    0f512756a8db22576ec2e20cf0cafec7786fb12b

    SHA256

    9c0a0a11629cced6a064932e95a0158ee936739d75a56338702fed97cb0bad55

    SHA512

    4043cda02f6950abdc47413cfd8a0ba5c462f16bcd4f339f9f5a690823f4d0916478cab5cae81a3d5b03a8a196e17a716b06afee3f92dec3102e3bbc674774f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\libffi-7.dll
    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\libssl-1_1.dll
    Filesize

    682KB

    MD5

    de72697933d7673279fb85fd48d1a4dd

    SHA1

    085fd4c6fb6d89ffcc9b2741947b74f0766fc383

    SHA256

    ed1c8769f5096afd000fc730a37b11177fcf90890345071ab7fbceac684d571f

    SHA512

    0fd4678c65da181d7c27b19056d5ab0e5dd0e9714e9606e524cdad9e46ec4d0b35fe22d594282309f718b30e065f6896674d3edce6b3b0c8eb637a3680715c2c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\pyexpat.pyd
    Filesize

    201KB

    MD5

    3ee5ec36b631c2352cd8bd2e4b58b37f

    SHA1

    d6ddab5eb14226fea6e5212382b5dd39aa50df97

    SHA256

    f32af8a21c016702647a83661eb4460bac7c791754cb1faaf1c4d096a94cd7cb

    SHA512

    873f72bc481bf6c55cdd00e97ea0e5946f466790f3319374b1c15772d4abdc7f394defd2cb130323fff2169380b0cda7319bb2b19f87ed5dfa479635f4b21317

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\python39.dll
    Filesize

    4.3MB

    MD5

    2135da9f78a8ef80850fa582df2c7239

    SHA1

    aac6ad3054de6566851cae75215bdeda607821c4

    SHA256

    324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

    SHA512

    423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\select.pyd
    Filesize

    29KB

    MD5

    35bb285678b249770dda3f8a15724593

    SHA1

    a91031d56097a4cbf800a6960e229e689ba63099

    SHA256

    71ed480da28968a7fd07934e222ae87d943677468936fd419803280d0cad07f3

    SHA512

    956759742b4b47609a57273b1ea7489ce39e29ebced702245a9665bb0479ba7d42c053e40c6dc446d5b0f95f8cc3f2267af56ccaaaf06e6875c94d4e3f3b6094

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    3b337c2d41069b0a1e43e30f891c3813

    SHA1

    ebee2827b5cb153cbbb51c9718da1549fa80fc5c

    SHA256

    c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7

    SHA512

    fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI10642\unicodedata.pyd
    Filesize

    1.1MB

    MD5

    3ba2a20dda6d1b4670767455bbe32870

    SHA1

    7c98221bc6ed763030087b1f33fb83eac2823ea4

    SHA256

    3a0987025f1cf2111dc6e4f59402073ba123d7436d809ee4198b4e7bfb8cb868

    SHA512

    0688f8af3359a8571bef2a89efabc2dbf26f3f5c6220932a4e7df2e33fac95cafee8b80796346ba698e6bf43630b8069f56538b95a8ff62ec21d629787ca5cd1

    Download Submit