Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

NYX.zip

windows7-x64

1

NYX.zip

windows10-2004-x64

1

CefSharp.C...me.dll

windows7-x64

3

CefSharp.C...me.dll

windows10-2004-x64

3

Nyx.exe

windows7-x64

6

Nyx.exe

windows10-2004-x64

8

Nyx.exe.config

windows7-x64

3

Nyx.exe.config

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

3

debug.log

windows7-x64

1

debug.log

windows10-2004-x64

1

lib/ace/ace.html

windows7-x64

3

lib/ace/ace.html

windows10-2004-x64

3

lib/ace/ace/ace.js

windows7-x64

3

lib/ace/ace/ace.js

windows10-2004-x64

3

lib/ace/ac...ify.js

windows7-x64

3

lib/ace/ac...ify.js

windows10-2004-x64

3

lib/ace/ac...ens.js

windows7-x64

3

lib/ace/ac...ens.js

windows10-2004-x64

3

lib/ace/ac...ite.js

windows7-x64

3

lib/ace/ac...ite.js

windows10-2004-x64

3

lib/ace/ac...met.js

windows7-x64

3

lib/ace/ac...met.js

windows10-2004-x64

3

lib/ace/ac...ker.js

windows7-x64

3

lib/ace/ac...ker.js

windows10-2004-x64

3

lib/ace/ac...enu.js

windows7-x64

3

lib/ace/ac...enu.js

windows10-2004-x64

3

lib/ace/ac...ols.js

windows7-x64

3

lib/ace/ac...ols.js

windows10-2004-x64

3

lib/ace/ac...ing.js

windows7-x64

3

lib/ace/ac...ing.js

windows10-2004-x64

3

lib/ace/ac...ist.js

windows7-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    206s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/09/2024, 15:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NYX.zip

  • Size

    140.9MB

  • MD5

    d3496d01232b84a990127079813f7a0e

  • SHA1

    6c5de1afdb7ba5a73315b2b09e59d0786d0ef44f

  • SHA256

    183160e943a1e0b38a07dc0d6fd775a32180bdee16cc5b5df90330276e95bd44

  • SHA512

    a72192fa74df1ab00b596d3cb458a38b911378275f00797a251756dbf4da619d4663e5a85e9f261881248a8c88ec2101845ff596d705b2398313a774383225aa

  • SSDEEP

    3145728:q10da5d4vVH3qZ9Li+5L+m/YOcSZX2/hv8LKNwzKnm0YG+FfsR:q10AY9H89LpKm/jcSZXOV81zKmLTFfsR

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 20 IoCs
  • Suspicious use of SendNotifyMessage 19 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\NYX.zip
    1⤵
      PID:3184
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\WaitApprove.DVR-MS"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:3232

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
      Filesize

      79B

      MD5

      35658baae51a174ca107ed1efeed1280

      SHA1

      52da9910df7e3eca58532486e5a30ebf2faa6e59

      SHA256

      dee6febc6eb7ff4629f36686a744257af6ca1b626bb508783b02be783e882721

      SHA512

      c2a5727d332ffd4a7c08ed8f22eac1c6c26e98ae186fade8fb233565c4a239a65ff606680d5eaeea7ed3796a7770e8fcc3dc9f3dc2b54d2a8abc8da6752e8bd5

      Download Submit

    • memory/3232-27-0x00007FF7C9C60000-0x00007FF7C9D58000-memory.dmp

      Filesize

      992KB

      Download

    • memory/3232-28-0x00007FF838670000-0x00007FF8386A4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/3232-29-0x00007FF82CBE0000-0x00007FF82CE96000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/3232-30-0x00007FF82B1C0000-0x00007FF82C270000-memory.dmp

      Filesize

      16.7MB

      Download