Resubmissions

03/01/2025, 17:30

250103-v3fb8avmdw 8

03/01/2025, 17:29

250103-v2veravmbz 8

Analysis

  • max time kernel
    4s
  • max time network
    4s
  • platform
    windows7_x64
  • resource
    win7-20241010-es
  • resource tags
    arch:x64, arch:x86, image:win7-20241010-es, locale:es-es, os:windows7-x64, system, windows
  • submitted
    03/01/2025, 17:29

General

  • Target

    OperaGXSetup.exe

  • Size

    3.8MB

  • MD5

    fb23e09da4b0ebd20a0072e75fd994f4

  • SHA1

    bc3433296ae972d574a368d50b737fd984cf3d38

  • SHA256

    e478c912ca786de43cc76bfece772eef194600726e5641dcaab4e0cb260fa90e

  • SHA512

    26d8005aaedb6066b65c1d564234ce25ab0aa9c318610a473aaa7e7fc71fcf5a4cb99fc9422be932ae36367ff48855a046eb0286ac848f34d575c8d519b19222

  • SSDEEP

    49152:SVAbwA+j3AtriaXicL8D8nqdZqb8oM28CBHmLOIt/ZwDAakqbMz3Lnn7cAWFJJx:WA+jxJIfMKmLOIt/yDh7MbLnnXWFl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoCs)
  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"
    • System Location Discovery: System Language Discovery
    PID:2908
    • C:\Users\Admin\AppData\Local\Temp\7zSC5B61DD6\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zSC5B61DD6\setup.exe --server-tracking-blob=…
      • Executes dropped EXE
      PID:2236

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zSC5B61DD6\setup.exe

    Filesize

    7.3MB

    MD5

    a147d284d9191cd8783a8055a21bfcce

    SHA1

    6f87e8302e28192475a3c362ec1d7597427b016c

    SHA256

    f7b4074a646e742f61d2ecf4b1e78e56216748a35670e23e8ef585a8008aa761

    SHA512

    37d4de184b8b41a41324258ee4e5de5429228bfc89d1c9ca11a786382f11741e4741d11bc392351ee0620cb08151d710c04d92ed5e42ee165c4463d5897c5984