Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Autorisoft.zip

windows11-21h2-x64

1

Start.exe

windows11-21h2-x64

10

gui.lua

windows11-21h2-x64

3

internal/e...ck.lua

windows11-21h2-x64

3

internal/e...eg.lua

windows11-21h2-x64

3

internal/e...ad.lua

windows11-21h2-x64

3

internal/e...rs.lua

windows11-21h2-x64

3

internal/e...rs.lua

windows11-21h2-x64

3

internal/e...or.lua

windows11-21h2-x64

3

internal/e...es.lua

windows11-21h2-x64

3

internal/e...es.lua

windows11-21h2-x64

3

internal/game/AI.lua

windows11-21h2-x64

3

internal/g...ip.lua

windows11-21h2-x64

3

internal/g...ity.js

windows11-21h2-x64

3

internal/g...ct.lua

windows11-21h2-x64

3

internal/game/Ped.lua

windows11-21h2-x64

3

internal/g...er.lua

windows11-21h2-x64

3

internal/g...le.lua

windows11-21h2-x64

3

internal/g...me.lua

windows11-21h2-x64

3

internal/g...cs.lua

windows11-21h2-x64

3

internal/game/gui.js

windows11-21h2-x64

3

internal/g...enu.js

windows11-21h2-x64

3

internal/g...ng.lua

windows11-21h2-x64

3

internal/g...er.lua

windows11-21h2-x64

3

internal/game/ui.lua

windows11-21h2-x64

3

internal/main.dll

windows11-21h2-x64

5

internal/main.lua

windows11-21h2-x64

3

internal/m...on.lua

windows11-21h2-x64

3

internal/m...ds.lua

windows11-21h2-x64

3

internal/m...kv.lua

windows11-21h2-x64

3

main_functions.lua

windows11-21h2-x64

3

natives.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22/12/2024, 14:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    internal/game/Object.lua

  • Size

    95B

  • MD5

    b91ef87c27f50a0027b7e1c82be520bb

  • SHA1

    d01c21a6fab3ad8239970255867e40369dacde72

  • SHA256

    a77f0b448eafd9fea35835629e4480b911bda3faa402a996d813db13867e512b

  • SHA512

    514df7a7101529b035b876c519a27619349f8575f0c58e5eba357b10bb8058f9e105fa7ea97ff6f5aa5a3fa064699908099cbd6f8aa9903c740c12779b430a50

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\internal\game\Object.lua
    1⤵
    • Modifies registry class
    PID:2140
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:548

Network

  • flag-us
    DNS
    23.236.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    23.236.111.52.in-addr.arpa
    IN PTR
    Response
No results found
  • 8.8.8.8:53
    23.236.111.52.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    23.236.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.