Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Frankies_FunClub.zip

windows7-x64

1

Frankies_FunClub.zip

windows10-2004-x64

1

Frankie's FunClub.exe

windows7-x64

3

Frankie's FunClub.exe

windows10-2004-x64

1

Frankie's FunClub.pck

windows7-x64

3

Frankie's FunClub.pck

windows10-2004-x64

3

godot-jolt...64.dll

windows7-x64

1

godot-jolt...64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2024, 21:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Frankies_FunClub.zip

  • Size

    594.0MB

  • MD5

    d8ffcb3d4f5872787dc6b16659806c2a

  • SHA1

    6a0817b4a1e33e45cf147c444e58db5bedd696a6

  • SHA256

    75157852354ae856c5d818602e31347e32b35e71203c7639eb157db327857f4a

  • SHA512

    f599a9867849bef6a7f8868abd7fc5ae616792bcb348d79120c2a97ca7ffcd5b7103cf8910c0462b3962a0673d8d787e12b56cb3ae5f122aaa2f702f208e57d6

  • SSDEEP

    12582912:/oZCYlL0zXiPy7NoFCtxhxv0RUju6iOLGXedvNsdJW6YrDA/z1yAAn5gmxuj+o:/oZDlkSPcDhxvwUjfHgelNKGA/0R5goc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 9 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Frankies_FunClub.zip
    1⤵
      PID:2704
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2104
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x4f4
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2676
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Public\Videos\Sample Videos\Wildlife.wmv"
        1⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:1236

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1236-12-0x000000013F590000-0x000000013F688000-memory.dmp

        Filesize

        992KB

        Download

      • memory/1236-13-0x000007FEF5CB0000-0x000007FEF5CE4000-memory.dmp

        Filesize

        208KB

        Download

      • memory/1236-14-0x000007FEF53F0000-0x000007FEF56A6000-memory.dmp

        Filesize

        2.7MB

        Download

      • memory/1236-15-0x000007FEF4030000-0x000007FEF50E0000-memory.dmp

        Filesize

        16.7MB

        Download