Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Balatro.v1...ta.zip

windows11-21h2-x64

1

Balatro.v1...ro.exe

windows11-21h2-x64

1

Balatro.v1...32.dll

windows11-21h2-x64

1

Balatro.v1...L2.dll

windows11-21h2-x64

1

Balatro.v1...ps.dll

windows11-21h2-x64

1

Balatro.v1...se.txt

windows11-21h2-x64

3

Balatro.v1...ve.dll

windows11-21h2-x64

1

Balatro.v1...51.dll

windows11-21h2-x64

1

Balatro.v1...am.dll

windows11-21h2-x64

1

Balatro.v1...23.dll

windows11-21h2-x64

1

Balatro.v1...20.dll

windows11-21h2-x64

1

Balatro.v1...20.dll

windows11-21h2-x64

1

Balatro.v1...me.txt

windows11-21h2-x64

3

Balatro.v1...64.dll

windows11-21h2-x64

1

Balatro.v1...64.dll

windows11-21h2-x64

1

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...ts.txt

windows11-21h2-x64

3

Balatro.v1...me.txt

windows11-21h2-x64

3

Balatro.v1...ge.txt

windows11-21h2-x64

3

Balatro.v1...rt.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...id.txt

windows11-21h2-x64

3

Balatro.v1...es.txt

windows11-21h2-x64

3

Balatro.v1...AL.txt

windows11-21h2-x64

3

Balatro.v1...ME.txt

windows11-21h2-x64

3

Resubmissions

30/09/2024, 02:57 UTC

240930-dflr2svapl 3

30/09/2024, 02:54 UTC

240930-dedp2sydrf 3

30/09/2024, 02:49 UTC

240930-dbcnksycnh 3

30/09/2024, 02:46 UTC

240930-c9pkcsybqb 3

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30/09/2024, 02:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Balatro.v1.0.1c.Beta/Balatro/steam_settings/steam_appid.txt

  • Size

    7B

  • MD5

    9aba295450a6e6cb58ec0e73f6d5328c

  • SHA1

    e7afcf757e41dceba7b916669fe9e9d23587cfbc

  • SHA256

    843f16eaaec7c898763c4c4b3954313d825de1b259cb983e1abc1112119d5ea5

  • SHA512

    2b4ff86d11d8e8659fc53e57cc6f4c2bb5ec7ae54dfa083e44192331917fa471fb6069f88ad3448f2b3fded428451d278bd4bfcf13e23b8715dbf2a7f63cf01e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.1c.Beta\Balatro\steam_settings\steam_appid.txt
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:4452
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.1c.Beta\Balatro\steam_settings\steam_appid.txt
      2⤵
      • Opens file in notepad (likely ransom note)
      PID:3748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.