Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
10Static
static
3Burst Roya...le.exe
windows7-x64
3Burst Roya...le.exe
windows10-2004-x64
10infinst.exe
windows7-x64
4infinst.exe
windows10-2004-x64
4xinput1_3.dll
windows7-x64
1xinput1_3.dll
windows10-2004-x64
1xinput1_3.dll
windows7-x64
3xinput1_3.dll
windows10-2004-x64
3Burst Roya...UP.dll
windows7-x64
4Burst Roya...UP.dll
windows10-2004-x64
4Burst Roya...UP.exe
windows7-x64
4Burst Roya...UP.exe
windows10-2004-x64
4Burst Roya...32.dll
windows7-x64
4Burst Roya...32.dll
windows10-2004-x64
4dxdllreg.exe
windows7-x64
4dxdllreg.exe
windows10-2004-x64
4dxupdate.dll
windows7-x64
3dxupdate.dll
windows10-2004-x64
3Burst Roya...ry.pdf
windows7-x64
3Burst Roya...ry.pdf
windows10-2004-x64
3Burst Roya...ry.pdf
windows7-x64
3Burst Roya...ry.pdf
windows10-2004-x64
3Burst Roya...nd.pdf
windows7-x64
3Burst Roya...nd.pdf
windows10-2004-x64
3Burst Roya...ent.js
windows7-x64
3Burst Roya...ent.js
windows10-2004-x64
3Burst Roya...ent.js
windows7-x64
3Burst Roya...ent.js
windows10-2004-x64
3Burst Roya...ons.js
windows7-x64
3Burst Roya...ons.js
windows10-2004-x64
3Burst Roya...r.html
windows7-x64
3Burst Roya...r.html
windows10-2004-x64
3Analysis
-
max time kernel
150s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
22/12/2024, 00:27
Static task
static1
Behavioral task
behavioral1
Sample
Burst Royale 0.9/BurstRoyale.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Burst Royale 0.9/BurstRoyale.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
infinst.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
infinst.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
xinput1_3.dll
Resource
win7-20241023-en
Behavioral task
behavioral6
Sample
xinput1_3.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
xinput1_3.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
xinput1_3.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Burst Royale 0.9/DirectX/DSETUP.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Burst Royale 0.9/DirectX/DSETUP.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Burst Royale 0.9/DirectX/DXSETUP.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
Burst Royale 0.9/DirectX/DXSETUP.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Burst Royale 0.9/DirectX/dsetup32.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Burst Royale 0.9/DirectX/dsetup32.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
dxdllreg.exe
Resource
win7-20241023-en
Behavioral task
behavioral16
Sample
dxdllreg.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
dxupdate.dll
Resource
win7-20241010-en
Behavioral task
behavioral18
Sample
dxupdate.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/new summary.pdf
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/new summary.pdf
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/old summary.pdf
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/old summary.pdf
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/summary Legend.pdf
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
Burst Royale 0.9/Engine/CompareTamplateFile/summary Legend.pdf
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Burst Royale 0.9/Engine/FxCEF/cef_100_percent.js
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
Burst Royale 0.9/Engine/FxCEF/cef_100_percent.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Burst Royale 0.9/Engine/FxCEF/cef_200_percent.js
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
Burst Royale 0.9/Engine/FxCEF/cef_200_percent.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Burst Royale 0.9/Engine/FxCEF/cef_extensions.js
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
Burst Royale 0.9/Engine/FxCEF/cef_extensions.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Burst Royale 0.9/Engine/FxCEF/error/en-US/error.html
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Burst Royale 0.9/Engine/FxCEF/error/en-US/error.html
Resource
win10v2004-20241007-en
General
-
Target
Burst Royale 0.9/Engine/CompareTamplateFile/summary Legend.pdf
-
Size
8KB
-
MD5
cf7573604f9c1594ae61f860ac3f2c95
-
SHA1
e6eccdd13c41232377d21bc471c161bf6ec3505a
-
SHA256
0c50a31f3b69ce9a52a681254c209fa43ad66745198c835ee80b132922344522
-
SHA512
6581ee1f537c912678182520c9081c3c75d04518f79da39b910f6d4726d38e9f7a5965ed26989c90c36a0b55ddb76d3662f1b3c51912a65d0473bbfe66a4513b
-
SSDEEP
192:bTJRTGocctDiuQFiiF0FoF8k0YGPq7gVpr:bTJRTGoccBiuQFiiF0FoFP0YGi7+pr
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2160 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2160 AcroRd32.exe 2160 AcroRd32.exe 2160 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Burst Royale 0.9\Engine\CompareTamplateFile\summary Legend.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2160
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD55390f6a176471a1b73cb3c06df5b954a
SHA140f397d0f5c688087500c60c06232ac8adb617d9
SHA256f5f9b8064745b2f99e33f1c01c9904cda160c870b1a92aca294881a475267026
SHA51281ee3efcf08f710af343d3f933ded658fba853b828389578b10bc7d3a36d020002c213924559487e170e8fc49b0eebedce7759068a0280f6cf7fb3ba02676931