Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

NanoCore 1...22.rar

windows7-x64

3

NanoCore 1...22.rar

windows10-2004-x64

3

NanoCore 1...in.xml

windows7-x64

3

NanoCore 1...in.xml

windows10-2004-x64

1

NanoCore 1...sqlite

windows7-x64

3

NanoCore 1...sqlite

windows10-2004-x64

3

NanoCore 1...sqlite

windows7-x64

3

NanoCore 1...sqlite

windows10-2004-x64

3

NanoCore 1...sqlite

windows7-x64

3

NanoCore 1...sqlite

windows10-2004-x64

3

NanoCore 1...IO.ncp

windows7-x64

3

NanoCore 1...IO.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...ls.ncp

windows7-x64

3

NanoCore 1...ls.ncp

windows10-2004-x64

3

NanoCore 1...ck.ncp

windows7-x64

3

NanoCore 1...ck.ncp

windows10-2004-x64

3

NanoCore 1...ss.ncp

windows7-x64

3

NanoCore 1...ss.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...in.ncp

windows7-x64

3

NanoCore 1...in.ncp

windows10-2004-x64

3

NanoCore 1...ra.wav

windows7-x64

1

NanoCore 1...ra.wav

windows10-2004-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 13:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar

  • Size

    5.8MB

  • MD5

    c75744769bae7a3e7a4a1aec27673851

  • SHA1

    56b0aa88b44c532be4975bc096cb8e4b9e7ecb49

  • SHA256

    ceb348dfa61b34bebce021fa783b0afdb874ea7205f75e7fb42b01898439be75

  • SHA512

    fa0c8d0b3adbb0bf11185b6c85f38c99421ef24ce55d94674e8d999c907f323a3eb0bcf711b60298e31db2958ebfa2dafad9d01cdf1e61251018ebd717934679

  • SSDEEP

    98304:5S+zg4KC/4ObL3j/ZV2tKRcHhMBJcPpylijvjTZi1UBCFCX/IxCF+/h0k98nRDdj:51kC/40z3tKMrcByIT1B2zkA/Ck92thv

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2256
      • C:\Windows\system32\rundll32.exe
        "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar
        3⤵
        • Modifies registry class
        • Suspicious use of WriteProcessMemory
        PID:2752
        • C:\Program Files\VideoLAN\VLC\vlc.exe
          "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar"
          4⤵
          • Suspicious behavior: AddClipboardFormatListener
          • Suspicious behavior: GetForegroundWindowSpam
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of SetWindowsHookEx
          PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock
    Filesize

    18B

    MD5

    35295f3a53b645d1dffaa680645cbe23

    SHA1

    fd5e655e195cd00730f9a4fb0714a5e7a12932fe

    SHA256

    183755c3d85600806e46abcfe7ee824c7adfa2a21a009f02f2016f5fc1c7038d

    SHA512

    f70f6a24c6aaf1912bf8c8e168009aa37a0d529a2da3b6fac06c8083a2546955e20084a3a9ec2c231e581b5ddb7f479fda3aa6cc8f8303438362cd51c5b7b8f1

    Download Submit

  • memory/2672-75-0x000007FEFA920000-0x000007FEFA954000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2672-74-0x000000013F420000-0x000000013F518000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2672-78-0x000007FEFA8E0000-0x000007FEFA8F7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2672-77-0x000007FEFA900000-0x000007FEFA918000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2672-80-0x000007FEFA8A0000-0x000007FEFA8B7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2672-79-0x000007FEFA8C0000-0x000007FEFA8D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-81-0x000007FEFA550000-0x000007FEFA561000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-83-0x000007FEFA390000-0x000007FEFA3A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-82-0x000007FEFA3E0000-0x000007FEFA3FD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2672-76-0x000007FEF5B40000-0x000007FEF5DF6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2672-84-0x000007FEF5660000-0x000007FEF586B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2672-87-0x000007FEFA360000-0x000007FEFA381000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2672-88-0x000007FEF7490000-0x000007FEF74A8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2672-86-0x000007FEF6650000-0x000007FEF6691000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2672-89-0x000007FEF7430000-0x000007FEF7441000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-90-0x000007FEF71B0000-0x000007FEF71C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-92-0x000007FEF4590000-0x000007FEF45AB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2672-91-0x000007FEF6630000-0x000007FEF6641000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-93-0x000007FEF4570000-0x000007FEF4581000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-94-0x000007FEF4550000-0x000007FEF4568000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2672-95-0x000007FEF4520000-0x000007FEF4550000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2672-98-0x000007FEF4410000-0x000007FEF4421000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-96-0x000007FEF44B0000-0x000007FEF4517000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2672-102-0x000007FEF4330000-0x000007FEF4348000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2672-106-0x000007FEF3790000-0x000007FEF37A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-105-0x000007FEF42C0000-0x000007FEF42D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2672-104-0x000007FEF42E0000-0x000007FEF42F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-103-0x000007FEF4300000-0x000007FEF4323000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2672-101-0x000007FEF4350000-0x000007FEF4374000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2672-100-0x000007FEF4380000-0x000007FEF43A8000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2672-99-0x000007FEF43B0000-0x000007FEF4407000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2672-107-0x000007FEF3610000-0x000007FEF3790000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2672-108-0x000007FEFA580000-0x000007FEFA591000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-109-0x000007FEF2E20000-0x000007FEF2E31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-97-0x000007FEF4430000-0x000007FEF44AC000-memory.dmp

    Filesize

    496KB

    Download

  • memory/2672-110-0x000007FEF2E00000-0x000007FEF2E12000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2672-111-0x000007FEF2BB0000-0x000007FEF2BC8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2672-112-0x000007FEF2B40000-0x000007FEF2B56000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2672-113-0x000007FEF29C0000-0x000007FEF29EA000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2672-114-0x000007FEF2450000-0x000007FEF2462000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2672-115-0x000007FEF2650000-0x000007FEF2661000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-116-0x000007FEF25B0000-0x000007FEF25C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-118-0x000007FEF2520000-0x000007FEF254F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2672-117-0x000007FEF2550000-0x000007FEF25A7000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2672-119-0x000007FEF2500000-0x000007FEF2513000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2672-120-0x000007FEF24E0000-0x000007FEF24F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-121-0x000007FEF2380000-0x000007FEF2445000-memory.dmp

    Filesize

    788KB

    Download

  • memory/2672-123-0x000007FEF24A0000-0x000007FEF24B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-124-0x000007FEF2480000-0x000007FEF2494000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2672-125-0x000007FEF2360000-0x000007FEF2372000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2672-126-0x000007FEF2340000-0x000007FEF2354000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2672-122-0x000007FEF24C0000-0x000007FEF24D3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2672-127-0x000007FEF2320000-0x000007FEF233E000-memory.dmp

    Filesize

    120KB

    Download

  • memory/2672-130-0x000007FEF22C0000-0x000007FEF22D4000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2672-131-0x000007FEF2290000-0x000007FEF22BC000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2672-132-0x000007FEF2270000-0x000007FEF2283000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2672-135-0x000007FEF21F0000-0x000007FEF2201000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2672-138-0x000007FEF21B0000-0x000007FEF21C6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2672-137-0x000007FEFAC00000-0x000007FEFAC10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2672-136-0x000007FEF21D0000-0x000007FEF21E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2672-134-0x000007FEF2210000-0x000007FEF2226000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2672-133-0x000007FEF2230000-0x000007FEF2261000-memory.dmp

    Filesize

    196KB

    Download

  • memory/2672-129-0x000007FEF22E0000-0x000007FEF22F5000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2672-128-0x000007FEF2300000-0x000007FEF2317000-memory.dmp

    Filesize

    92KB

    Download