Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Lorydos.exe

windows7-x64

7

Lorydos.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Installer.exe

windows7-x64

1

Installer.exe

windows10-2004-x64

1

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...pi.dll

windows7-x64

1

resources/...pi.dll

windows10-2004-x64

1

resources/...act.js

windows7-x64

3

resources/...act.js

windows10-2004-x64

3

sqlite-aut...ace.js

windows7-x64

3

sqlite-aut...ace.js

windows10-2004-x64

3

sqlite-aut...al.ps1

windows7-x64

3

sqlite-aut...al.ps1

windows10-2004-x64

3

sqlite-aut...re.vbs

windows7-x64

1

sqlite-aut...re.vbs

windows10-2004-x64

1

sqlite-aut...ain.sh

windows7-x64

3

sqlite-aut...ain.sh

windows10-2004-x64

3

sqlite-aut...re.vbs

windows7-x64

1

Resubmissions

14/09/2024, 02:42

240914-c7fvfasglp 8

14/09/2024, 02:37

240914-c4gmkaseqn 7

Analysis

  • max time kernel
    119s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 02:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    4.5MB

  • MD5

    d4a79b5d46f0931b9eb7125fd40baff0

  • SHA1

    3a38fb263dde2251b9fe157b5fddec7acb07c53e

  • SHA256

    03f1d245e6a2facca9edbdaad108169e0765dd9101875bc2d123797994b9e80f

  • SHA512

    17cf94805f11d499ff12d8e42cb262ceecbeb265f56338e0837d291f6a7ed7f8135a025dbe99fdb2e2bb299f2267bed9365976ea51269aafd4c3220cffef9339

  • SSDEEP

    24576:thgBBmnLiLArZ62BrcrnKHq/kUkBAwi9QxruE:rYBmLAehN6KK+xV

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2260

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    186575304c054282ca0e20fd780d9331

    SHA1

    d88fc6fb598186a7df33cc114a609912f5871018

    SHA256

    462eb5ca57778ba663874fc956f72e564d3e1d6518c9e3be4e52e06e67d81de6

    SHA512

    86279bfe2ee665cd0fae7a6deb006d4e665cd655cf43ee5a6d44acda028906633668bfa3c5a4a1fe4fe43866d14fdedad7daa1481678d0ae624413d22ce82a21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb97579a92ec04752ddba763fba3f818

    SHA1

    53739017e587a05c683a405e248e03093cd56461

    SHA256

    e17f8f9c917683f57be29ee2c1aac79cba0735c637c52e2d3b109166b8028537

    SHA512

    1ea7d280cc5c31a0700d137f03ce2a5ff34baf85e81e2371dc88c6cd5176e37dd0ae22dc4c90325eda0c61a2415ea49369208d79eebca88cfb47d34acaf3fcad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05e720466a39240f9c0c2785e2e5d95e

    SHA1

    8bced4fac92784848dba9975215b2c7f28a078b0

    SHA256

    002f60ef32a995344233cc64a2b9a11e8253cadc2a5ee457bc81dc798a630835

    SHA512

    a92896fc1ae9bdec0a9723244ef8124690a4396f2d877678873d97c17e37ccdb5787acea3a2ac64e09a7c449902a545bb1d6b4b20e74665dee7c3e8b5751ef54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    030778a214e41408891b7e4296813928

    SHA1

    7de1ca38f1d6dd3a186da7ac2de6922529936300

    SHA256

    57d819dcc9f46d72c1d5940774eae9ce65bda19c255b901b4279376649fdd158

    SHA512

    919a4337c9f50efcb02e6375df8383556b2f8674b82a2ccbc0c003dc91d9e98ba70c1b36660dac7ebd05b5101ec9c889321aeec60623cfada5233d58d88184cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    171c4d8a16d40c48932c7fc53eb6e91c

    SHA1

    32f08f89b173184ef2877f4fa5e757bcc6cd8b7a

    SHA256

    d7e7ba1dcf2c8112ec7d3bac8726b6cea86dd153c7f9a3b2b99f61b533f1dc08

    SHA512

    f89a59877b98ab9c0124aa06d458db77fc78a5600c6efeb616cc275dcd5aa27e52ceaa31098866dfe9bf7a3a7a93d7822ef0b784d82cb15bcfd838c7de7d497a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bb324056d33a9140f29b59ce4ddac0b

    SHA1

    65181f96b409c7fc4fb8782e10e7efce760ebe2a

    SHA256

    ca16abae22834e928ad0fc1935f5c92c992c8dff96430b7eebc8ebacf2e2740b

    SHA512

    ddbc6ecca2e7fad04ccc0d98125eadfaeb61e0152c753b6a3e6d584989110e5961362c560aa5f3047edbd9eb30f22c3c03422b5a68bfcf810b6d4814d3ab32ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c309f9a6104daea008c914397fd6e161

    SHA1

    479858af14a0c6874a4f8c3874f3eb118a9527ab

    SHA256

    7859d0c661631dfa44a4f1feca705b3c2ada788401832a88b7c14e42f07d83a2

    SHA512

    546a105672a77582e26d7af8e020df10ef16fe7e28c3d530db4e44d88326a49e278b2e027b8ee50c9cdb0ab398e9322ed236b4564c66f58850094edc328b94f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2EC1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar377B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit