Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
13s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
11/10/2024, 20:38
General
-
Target
NitroBoostGen24.exe
-
Size
23.5MB
-
MD5
3d616d8ba8411a4b431b8bba0adc1ef3
-
SHA1
2599930bd8518815ce081b86d72dfbc8fcf61d86
-
SHA256
0a7aa8f6bfea8d0ba1b452e540352a132ff7be02cfd7f9f2b7eb9e01fcad7520
-
SHA512
744e61ebaa4079d0ce5735dde1f50333f448f96a318a387a1121e21860ddc77cfac5908fb3b370dff5598329cd2317779d9571c8a6dff2943df33958a765d089
-
SSDEEP
393216:pa92Yg5BHtSTurEUWjE+8PvIxjDTVggMHDDgSezga6yWH9SFPTw6xG:s9SVGdbE+KvIFVOj0Sezgak9SFPJ8
Malware Config
Signatures
-
Cats the Freakster 1 IoCs
my daddy freakster was mentioned in this file 🥵
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\NitroBoostGen24.exe"C:\Users\Admin\AppData\Local\Temp\NitroBoostGen24.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\NitroBoostGen24.exe"C:\Users\Admin\AppData\Local\Temp\NitroBoostGen24.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.7MB
MD58f165bfadf970edafd59067ad45a3952
SHA116c1876f2233087156b49db35d4d935c6e17be6a
SHA25622470af77229d53d9141823c12780db63c43703dd525940bc479730d2e43513d
SHA512b3af95dc9a68e21e8eca98e451b935f72663c2552ebf26de299716f17193f238d55c292df953d641defcbcec3ea18eb37cd4b839800804efa8f40658427263ae
-
Filesize
6.8MB