Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/10/2024, 11:36 UTC

General

  • Target

    SilverBullet.1.4.1.Pro/SilverBullet 1.4.1 [Pro]/lib/email/feedparser.py

  • Size

    22KB

  • MD5

    29c8749fa34e95e9d04c6282881e73ea

  • SHA1

    3ef3b219f6b3f0cc9cae86816f2866856aff12f1

  • SHA256

    60268514604d88e0b74ca5b729a422931d4f8b0f3730cca96694b4fe381d5ddc

  • SHA512

    a7b729b60967f7b51df0386ee138a35c0c60ed862827701f3660da4a7f7f3687c827f169fffed43faf38b284cebc70c95f9d7efff50bda98d41faaa9083fcf1a

  • SSDEEP

    384:YSdeJYwnj9YUn00P4UyGi5BJmEUTb85hEF:YSgh00P4UyGa+EUTbGhEF

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\SilverBullet.1.4.1.Pro\SilverBullet 1.4.1 [Pro]\lib\email\feedparser.py"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1076
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\SilverBullet.1.4.1.Pro\SilverBullet 1.4.1 [Pro]\lib\email\feedparser.py
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2092
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\SilverBullet.1.4.1.Pro\SilverBullet 1.4.1 [Pro]\lib\email\feedparser.py"
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2896

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    30e2a1b69c79b797bfa216ff0b3fcf81

    SHA1

    1f6002ec9345d53adb6a7126c8a2b2f545e6a62d

    SHA256

    a944746ef1e73f1634b3224b808a029bc6f58f61dcf6150b66401c4b16b2c365

    SHA512

    ae6e760ba95767214fe7eaaa45cfb4646877a62456cda6c41ecccd1e205484c4395c9484277a3be3d0192bced4abe156b17445e119238069fb3d20171f91d778
