Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Balatro.v1...ta.zip

windows11-21h2-x64

1

Balatro.v1...ro.exe

windows11-21h2-x64

1

Balatro.v1...32.dll

windows11-21h2-x64

1

Balatro.v1...L2.dll

windows11-21h2-x64

1

Balatro.v1...ps.dll

windows11-21h2-x64

1

Balatro.v1...se.txt

windows11-21h2-x64

3

Balatro.v1...ve.dll

windows11-21h2-x64

1

Balatro.v1...51.dll

windows11-21h2-x64

1

Balatro.v1...am.dll

windows11-21h2-x64

1

Balatro.v1...23.dll

windows11-21h2-x64

1

Balatro.v1...20.dll

windows11-21h2-x64

1

Balatro.v1...20.dll

windows11-21h2-x64

1

Balatro.v1...me.txt

windows11-21h2-x64

3

Balatro.v1...64.dll

windows11-21h2-x64

1

Balatro.v1...64.dll

windows11-21h2-x64

1

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...ts.txt

windows11-21h2-x64

3

Balatro.v1...me.txt

windows11-21h2-x64

3

Balatro.v1...ge.txt

windows11-21h2-x64

3

Balatro.v1...rt.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...es.txt

windows11-21h2-x64

3

Balatro.v1...AL.txt

windows11-21h2-x64

3

Balatro.v1...ME.txt

windows11-21h2-x64

3

Resubmissions

30/09/2024, 02:57 UTC

240930-dflr2svapl 3

30/09/2024, 02:54 UTC

240930-dedp2sydrf 3

30/09/2024, 02:49 UTC

240930-dbcnksycnh 3

30/09/2024, 02:46 UTC

240930-c9pkcsybqb 3

Analysis

  • max time kernel
    90s
  • max time network
    97s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30/09/2024, 02:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Balatro.v1.0.1c.Beta/Balatro/steam_settings/force_account_name.txt

  • Size

    8B

  • MD5

    5028563b50b2f000e291a825e95329e1

  • SHA1

    2d2daae52dcafdd8a1351b23a9232cb31dd9035f

  • SHA256

    c575a0aca29870d7a02b83542b457f06efb465aa84f051aedd01087c346c1d0b

  • SHA512

    502a680f7ef8d6c84d5889cac3093071f98633991def2321c78655ccab4b44d897d5eab98ebf183353525d8d7900cd8a0436f3bab62c9c7436ff8163c699c7f2

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.1c.Beta\Balatro\steam_settings\force_account_name.txt
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:1420
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.1c.Beta\Balatro\steam_settings\force_account_name.txt
      2⤵
      • Opens file in notepad (likely ransom note)
      PID:4868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.