
Resubmissions

  • 241027-11lzwavajj
    submitted 27/10/2024, 22:07, score 7
  • 241027-1zxd8athrj
    submitted 27/10/2024, 22:05, score 7

Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/10/2024, 22:05

General

  • Target

    OperaGXSetup.exe

  • Size

    3.1MB

  • MD5

    55b9a000654a03888ca18b750db46d7c

  • SHA1

    facaab327614ba053bce3e545fcd7fed9e8ceb30

  • SHA256

    65dbe0108727614fc1b82475e8fa0c171added385b1ec831e9cdc0c4af9d741a

  • SHA512

    93093eef6b8d3820b6565d92be035d4214b059829afdfb6f8048b6772881c82f4e877a0a4d0b05bb00b1099b732eed3ed8b9c98a591f93386187c8c02906ce3e

  • SSDEEP

    98304:LAcRTd/kggQSwydThBmnXodHG+z92I0xkZV8zDzSCw:PRTFkg3SwyhsXoRG+zAkZCzDz/w

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe (PID 2316, depth 1)
    Command line: "C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"
    Signatures: System Location Discovery: System Language Discovery
    • C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe (PID 2148, depth 2, child of PID 2316)
      Command line: C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe --server-tracking-blob=…
      Signatures: Executes dropped EXE
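
The process tree above is the ordinary self-extracting-installer pattern: a 7-Zip SFX stub unpacks into a %TEMP%\7zS<hex>\ directory and runs the inner setup.exe, and both signatures are behavioural heuristics over exactly that sequence. As an added example that is not part of this report and not Triage's own signature code, the Python below replays a constructed event stream built from the PIDs and paths on this page and reimplements the two signatures, plus a stricter "parent wrote the file, then spawned it" check. The event schema, the locale API names and the extra SFX staging-directory check are assumptions.

```python
import re
from collections import defaultdict

# Constructed event stream modelled on the process tree in this report
# (PIDs and paths taken from the page); it is not sandbox output.
EVENTS = [
    {"type": "process_create", "pid": 2316, "ppid": 1234,
     "image": r"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"},
    # Assumed locale API call; the report does not say which API fired the signature.
    {"type": "api_call", "pid": 2316, "api": "GetUserDefaultUILanguage"},
    {"type": "api_call", "pid": 2316, "api": "GetUserDefaultUILanguage"},
    {"type": "file_write", "pid": 2316,
     "path": r"C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe"},
    {"type": "process_create", "pid": 2148, "ppid": 2316,
     "image": r"C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe"},
]

# Win32 locale APIs treated as "language discovery" (assumed list, not Triage's).
LANGUAGE_APIS = frozenset({
    "GetUserDefaultUILanguage", "GetSystemDefaultUILanguage",
    "GetUserDefaultLCID", "GetSystemDefaultLCID",
    "GetUserDefaultLangID", "GetSystemDefaultLangID",
    "GetLocaleInfoW", "GetLocaleInfoA",
})

# 7-Zip SFX stubs unpack into %TEMP%\7zS<hex> (sometimes with a .tmp suffix)
# before running the payload; this is an enrichment check, not a page signature.
SFX_STAGING_DIR = re.compile(r"\\7zS[0-9A-F]{4,8}(?:\.tmp)?\\", re.IGNORECASE)


def _norm(path: str) -> str:
    """Case-fold and normalise separators so a write and a later exec compare equal."""
    return path.replace("/", "\\").lower()


def run_signatures(events):
    """Replay an event stream and return {signature_name: [IoC strings]}.

    Executes dropped EXE: a process whose image file was written earlier in the
    same run.  System Language Discovery: a call to a locale API, reported once
    per process (matching the single IoC in the report).
    """
    written = {}                      # normalised path -> pid that wrote it
    hits = defaultdict(list)
    lang_seen = set()
    for ev in events:
        if ev["type"] == "file_write":
            written[_norm(ev["path"])] = ev["pid"]
        elif ev["type"] == "process_create":
            img = _norm(ev["image"])
            if img in written:
                hits["Executes dropped EXE"].append(
                    f"PID {ev['pid']} ran {ev['image']} (written by PID {written[img]})")
            if SFX_STAGING_DIR.search(ev["image"]):
                hits["7-Zip SFX staging directory"].append(
                    f"PID {ev['pid']} launched from an SFX temp directory")
        elif ev["type"] == "api_call" and ev["api"] in LANGUAGE_APIS:
            if ev["pid"] not in lang_seen:
                lang_seen.add(ev["pid"])
                hits["System Location Discovery: System Language Discovery"].append(
                    f"PID {ev['pid']} called {ev['api']}")
    return dict(hits)


def dropper_chain(events):
    """Stricter variant: (dropper_pid, child_pid) pairs where the parent both
    wrote the child's image and spawned it, which is the SFX pattern exactly."""
    written = {}
    pairs = []
    for ev in events:
        if ev["type"] == "file_write":
            written[_norm(ev["path"])] = ev["pid"]
        elif ev["type"] == "process_create":
            writer = written.get(_norm(ev["image"]))
            if writer is not None and writer == ev["ppid"]:
                pairs.append((writer, ev["pid"]))
    return pairs


if __name__ == "__main__":
    for name, iocs in run_signatures(EVENTS).items():
        print(f"{name} ({len(iocs)} IoC{'s' if len(iocs) != 1 else ''})")
        for ioc in iocs:
            print("   ", ioc)
    print("dropper chains:", dropper_chain(EVENTS))
```

Both page signatures fire on any SFX-packaged installer, which is why they carry little weight on their own: the practical check for a sample like this one is to compare the SHA256 values in the General and Downloads sections against the hashes of the installer obtained directly from the vendor before treating the 7/10 score as evidence of anything.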

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zSC096D866\setup.exe

    Filesize

    6.4MB

    MD5

    b4da1657d31832c9965d54c5037a3402

    SHA1

    c312863d621b0b5ec9ec930b1db73de3c95f7141

    SHA256

    563fcd4ca2678ddb6c1366c92aa4daa410d7eba73d68d9336fb967f732770c8d

    SHA512

    643d2ec57767443e0efcc580a0e5abe062375f34b936daa22aa24e20d837b84854de18f636dc0ca5d100b4309a456746d733a65f8d1ccb173fe590ab5bf99007