Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Malware-1-...30.exe

windows7-x64

10

Malware-1-...30.exe

windows10-2004-x64

10

Malware-1-...40.exe

windows7-x64

10

Malware-1-...40.exe

windows10-2004-x64

10

Malware-1-...32.exe

windows7-x64

10

Malware-1-...32.exe

windows10-2004-x64

10

Malware-1-.../5.exe

windows7-x64

10

Malware-1-.../5.exe

windows10-2004-x64

10

Malware-1-...91.exe

windows7-x64

10

Malware-1-...91.exe

windows10-2004-x64

10

Malware-1-...ey.exe

windows7-x64

7

Malware-1-...ey.exe

windows10-2004-x64

7

Malware-1-...ad.exe

windows7-x64

3

Malware-1-...ad.exe

windows10-2004-x64

3

Malware-1-...ti.exe

windows7-x64

5

Malware-1-...ti.exe

windows10-2004-x64

5

Malware-1-...an.bat

windows7-x64

7

Malware-1-...an.bat

windows10-2004-x64

7

Malware-1-...an.exe

windows7-x64

3

Malware-1-...an.exe

windows10-2004-x64

7

Malware-1-...ve.bat

windows7-x64

7

Malware-1-...ve.bat

windows10-2004-x64

7

Malware-1-...ve.exe

windows7-x64

6

Malware-1-...ve.exe

windows10-2004-x64

7

Malware-1-...ya.exe

windows7-x64

6

Malware-1-...ya.exe

windows10-2004-x64

Malware-1-...re.exe

windows7-x64

10

Malware-1-...re.exe

windows10-2004-x64

10

Malware-1-...ry.exe

windows7-x64

10

Malware-1-...ry.exe

windows10-2004-x64

10

Malware-1-...ck.exe

windows7-x64

3

Malware-1-...ck.exe

windows10-2004-x64

3

Resubmissions

13/02/2025, 01:26 UTC

250213-btppra1pcz 10

17/01/2025, 20:14 UTC

250117-yz7h3s1qfw 10

17/01/2025, 20:12 UTC

250117-yy9l2sslcr 10

17/01/2025, 17:25 UTC

250117-vy9p9sxpez 10

17/01/2025, 17:21 UTC

250117-vw8eesyjfp 10

17/01/2025, 14:16 UTC

250117-rk9ass1rhk 10

17/01/2025, 14:12 UTC

250117-rhv1ds1lds 10

16/01/2025, 12:52 UTC

250116-p4et7a1mez 10

Analysis

  • max time kernel
    838s
  • max time network
    844s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    16/01/2025, 12:49 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Malware-1-master/Win32.EvilClusterFuck.exe

  • Size

    64KB

  • MD5

    2e84f71165225ba0f7f8187c0b2f0f37

  • SHA1

    3c9bf036163ede4b7f9152d04d1a83b7253dd029

  • SHA256

    c9b98408ca67d08e1986d1855c4d99944caad5580533d18496cd8de86dd0885f

  • SHA512

    82c39aaef6103877c8472a55eab6270d57f4d7c46830aedf5fbb5661d7e3fd7aee2e172cdc830cba22cd9034f37784a8cc34f70a5918491bccf148ee923db389

  • SSDEEP

    768:S5ohpPUa2T1VZj4jkVQu7MKquVspXKCxiJrFnMWDmLfe9NZ+OAhaptX/71tXHHi4:tcd1Pl7ZVsw3rFiLfe9NZmAP5ZC6N+

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 45 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Malware-1-master\Win32.EvilClusterFuck.exe
    "C:\Users\Admin\AppData\Local\Temp\Malware-1-master\Win32.EvilClusterFuck.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1992

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Malware-1-master\32.exe
    Filesize

    64KB

    MD5

    2e84f71165225ba0f7f8187c0b2f0f37

    SHA1

    3c9bf036163ede4b7f9152d04d1a83b7253dd029

    SHA256

    c9b98408ca67d08e1986d1855c4d99944caad5580533d18496cd8de86dd0885f

    SHA512

    82c39aaef6103877c8472a55eab6270d57f4d7c46830aedf5fbb5661d7e3fd7aee2e172cdc830cba22cd9034f37784a8cc34f70a5918491bccf148ee923db389

    Download Submit

  • memory/1992-0-0x0000000074411000-0x0000000074412000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1992-1-0x0000000074410000-0x00000000749BB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1992-2-0x0000000074410000-0x00000000749BB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1992-19-0x0000000074410000-0x00000000749BB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1992-24-0x0000000074410000-0x00000000749BB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1992-95-0x0000000074410000-0x00000000749BB000-memory.dmp

    Filesize

    5.7MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.