Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Autorisoft.zip

windows11-21h2-x64

1

Start.exe

windows11-21h2-x64

10

gui.lua

windows11-21h2-x64

3

internal/e...ck.lua

windows11-21h2-x64

3

internal/e...eg.lua

windows11-21h2-x64

3

internal/e...ad.lua

windows11-21h2-x64

3

internal/e...rs.lua

windows11-21h2-x64

3

internal/e...rs.lua

windows11-21h2-x64

3

internal/e...or.lua

windows11-21h2-x64

3

internal/e...es.lua

windows11-21h2-x64

3

internal/e...es.lua

windows11-21h2-x64

3

internal/game/AI.lua

windows11-21h2-x64

3

internal/g...ip.lua

windows11-21h2-x64

3

internal/g...ity.js

windows11-21h2-x64

3

internal/g...ct.lua

windows11-21h2-x64

3

internal/game/Ped.lua

windows11-21h2-x64

3

internal/g...er.lua

windows11-21h2-x64

3

internal/g...le.lua

windows11-21h2-x64

3

internal/g...me.lua

windows11-21h2-x64

3

internal/g...cs.lua

windows11-21h2-x64

3

internal/game/gui.js

windows11-21h2-x64

3

internal/g...enu.js

windows11-21h2-x64

3

internal/g...ng.lua

windows11-21h2-x64

3

internal/g...er.lua

windows11-21h2-x64

3

internal/game/ui.lua

windows11-21h2-x64

3

internal/main.dll

windows11-21h2-x64

5

internal/main.lua

windows11-21h2-x64

3

internal/m...on.lua

windows11-21h2-x64

3

internal/m...ds.lua

windows11-21h2-x64

3

internal/m...kv.lua

windows11-21h2-x64

3

main_functions.lua

windows11-21h2-x64

3

natives.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    91s
  • max time network
    93s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-en
  • resource tags

    arch:x64arch:x86image:win11-20241023-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22/12/2024, 14:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    internal/game/game.lua

  • Size

    988B

  • MD5

    84f78077881d1db0c50e6af53f0aac61

  • SHA1

    f178bcfa6d2fd08bdfe31e47337db4b032792c2b

  • SHA256

    14090f2b5dcc0b51481fe2d554a0c2571df581ed8461804a8470748eabbbc7e4

  • SHA512

    46cfc883eb62c6df3667d007f25823651284c0c396302af36e151faf80bbf51d0c2d6181f56b6dfe428cf8bc573ba6e4054fc899578f83b02660fd4be0cef51c

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\internal\game\game.lua
    1⤵
    • Modifies registry class
    PID:4808
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1096

Network

  • flag-us
    DNS
    8.8.8.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    8.8.8.8.in-addr.arpa
    IN PTR
    Response
    8.8.8.8.in-addr.arpa
    IN PTR
    dnsgoogle
No results found
  • 8.8.8.8:53
    8.8.8.8.in-addr.arpa
    dns
    66 B
     90 B
     1
    1

    DNS Request

    8.8.8.8.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.