Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
139s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07/09/2024, 11:06
General
-
Target
My.Summer.Car.v2023.12.10/My.Summer.Car.v2023.12.10/mysummercar_Data/resources.assets
-
Size
13KB
-
MD5
7295c4a052edcb198e7162aa92874fe4
-
SHA1
7632147e003ae321a6be1ce4142be77826805f60
-
SHA256
e0e6de4b3ccc01281b1e54cfc1e9ed0f828624cdd0810535e5ade83ff3bcdc4b
-
SHA512
839511681d39a5f5ec9a9c4d5278a0e2934c5853e63eb9cf063aee514302d6f738297d29f1896a26e276cac41d8ec458ec8613ac0a827914f5691fdc4bc1a66d
-
SSDEEP
96:FP2xEl/Wu+nXIlp2mi9R8NI+6h+tBak/nZoearZ4V5M6aFBYz0uPhzmcsTAc23mV:7lLi9ikOak/aRrZK5ne22zaAv
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies registry class 9 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\My.Summer.Car.v2023.12.10\My.Summer.Car.v2023.12.10\mysummercar_Data\resources.assets1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\My.Summer.Car.v2023.12.10\My.Summer.Car.v2023.12.10\mysummercar_Data\resources.assets2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\My.Summer.Car.v2023.12.10\My.Summer.Car.v2023.12.10\mysummercar_Data\resources.assets"3⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD585229a1168f0664876289ff4a794ee16
SHA1f046916e06e5b1902659d1ff4a17d3a35fa94212
SHA256e6306a46efb70fed2bbed5ee95cffeb31bc1b272cab8adf0acaf23393453a72b
SHA512b2bf2e29be0fc8f9b9219a0b8b6b88c3d28fabbdec7f2e758fed8f23f848eb13adbd0d581dc8f9c2e99fd07df08acc02bf35ae98d9b0f3c86aaed55904f4f19d