Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Registrati...ck.bat

windows11-21h2-x64

10

Registrati...vn.exe

windows11-21h2-x64

8

Registrati...CU.ps1

windows11-21h2-x64

6

Registrati...an.vbs

windows11-21h2-x64

3

Registrati...AR.exe

windows11-21h2-x64

3

Registrati...RU.ps1

windows11-21h2-x64

3

Registrati...UK.ps1

windows11-21h2-x64

10

Registrati...in.ps1

windows11-21h2-x64

10

Registrati...an.vbs

windows11-21h2-x64

3

Registrati...ss.dll

windows11-21h2-x64

1

Registrati...ng.exe

windows11-21h2-x64

3

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Registrati...es.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    898s
  • max time network
    443s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    12/03/2025, 18:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Registration (Crack)/language/uk-UA/LosslessScaling.exe

  • Size

    953KB

  • MD5

    2c98d33096e97094cbbbd19f27f40883

  • SHA1

    7e28af9d119d2658f962e3b28140c6081be1612b

  • SHA256

    010ac1120a88a772e87d9e9018aa5db034a9bac9399803d4a7c4db3c47a71df6

  • SHA512

    f9070ad6b2e3295fdde13aa8d7486147a7f9a675a924ad3bf117479baf5b573cf92650199e58378dd8345a28ab890bbd5021d374030c24836bfa65bb037dddc7

  • SSDEEP

    12288:ApDJEDS4MCLSyf6mOuGyW38yHJc+CKtOaO5Z7WhawnzE4ZbuRCwmhI2J+0sDgwl1:btMCLPf1Oi32OvzGo4ZiRlT/sN0

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Control Panel 4 IoCs
    defense_evasion
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe
    "C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe"
    1⤵
    • Modifies Control Panel
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:952
    • C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe
      "C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe"
      2⤵
      • Modifies Control Panel
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:4204
      • C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe
        "C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe"
        3⤵
        • Modifies Control Panel
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:4268
        • C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe
          "C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\language\uk-UA\LosslessScaling.exe"
          4⤵
          • Modifies Control Panel
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of SetWindowsHookEx
          PID:4704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml
    Filesize

    2KB

    MD5

    18442caf44660bd86c3c3f8ff3edf1cd

    SHA1

    bb5c13b5bd1b81b7a305bc90077cb006051cc46c

    SHA256

    8b61dcae0395041b573fdde547ef4e2e4cad3b46e0a6ee5e8383157d0079f8c7

    SHA512

    746c18fc354d795d7efad321fee295b7aba7a5289029373323bc518f568fb250f627ae80c82f83e3b7d67f65bdd66a5a719b84cb3cab8053dc4d3a7d9c4c71be

    Download Submit

  • C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml
    Filesize

    2KB

    MD5

    c3e802e7cbef3fe98215d696eff57d3f

    SHA1

    0970a39c523bc056ca7423fc529a3c72cb8f70d9

    SHA256

    28881319eab7182ddac1ab55f25098db6a173aa02b762da2e6d80ad21f3ca182

    SHA512

    f072eff4bdcdbd493603610193fbf5a9e4d99eb720df105791dbdee01fcbbadf4c1750b47898e028543b1a6838d78b1bbf43acc16aa62b0e10eae0ce8d71f9e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml
    Filesize

    2KB

    MD5

    64b7869b16979571c78d78bf3d043535

    SHA1

    4d01b8eb9ba71da549f6551ab19a47a2dec63e0d

    SHA256

    589c4bbcea0d86990a14c1db0fa233305758b51540dcdacb6ccdcf1b74510967

    SHA512

    aead32db6786e1e3e41ea0c2bbff598b31ee2f65010ea0edf568dc91d2443c70e92940461d6e7b95a7418e7e710222c5f7af4854fdf77521a053fcb3e5b3e99a

    Download Submit

  • C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml
    Filesize

    2KB

    MD5

    45fed0a3bcbc889ca99d0c5943210e7e

    SHA1

    602584366a413cb9ae459b6c3231190cd787241e

    SHA256

    9812fe8104a86e693d6baa02a4cdb56ea9a4aedb500b050346eb5ec6bda8dd09

    SHA512

    d0728fcce9484daedb2c9552ee2a818f7cccbeb1e9bca24a1c4fc1ca6e8c181c46cdc89670bfee3d6ad219ea6f69750bd03f776af4f9e4667872c66c11dbd255

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\LosslessScaling.exe.log
    Filesize

    2KB

    MD5

    04162f035bab90c7e7429f43ec7d1b0e

    SHA1

    f6799de8093832e993dfd34abf6dc3147b754129

    SHA256

    a39fe83e8ceba5a19f9de0e0ba50adcfdffe28d47b8aadf7a0b7ab8e5395c613

    SHA512

    6b4a4b2905f27dfb41b3689324987c06426d8592a4eab6f3d2af39100f1fe2119083ffd5c46d376b946f94761fdd3e0be7e8ede33f640869f4fcff6dd672a9e2

    Download Submit

  • memory/952-6-0x000001D2620A0000-0x000001D2620AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/952-5-0x000001D261EA0000-0x000001D261EA8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/952-7-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/952-4-0x000001D262110000-0x000001D262136000-memory.dmp

    Filesize

    152KB

    Download

  • memory/952-11-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/952-3-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/952-12-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/952-0-0x00007FFE944F3000-0x00007FFE944F5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/952-2-0x000001D261FC0000-0x000001D2620A6000-memory.dmp

    Filesize

    920KB

    Download

  • memory/952-1-0x000001D2478F0000-0x000001D2479E4000-memory.dmp

    Filesize

    976KB

    Download

  • memory/4204-14-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4204-17-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4204-13-0x00007FFE944F0000-0x00007FFE94FB2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4268-18-0x000001DCBB360000-0x000001DCBB446000-memory.dmp

    Filesize

    920KB

    Download

  • memory/4704-23-0x0000023CFC820000-0x0000023CFC8D2000-memory.dmp

    Filesize

    712KB

    Download

  • memory/4704-24-0x0000023CFC990000-0x0000023CFCA4A000-memory.dmp

    Filesize

    744KB

    Download

  • memory/4704-25-0x0000023CFC8D0000-0x0000023CFC908000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4704-26-0x0000023CFC960000-0x0000023CFC968000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4704-28-0x0000023CFC970000-0x0000023CFC97E000-memory.dmp

    Filesize

    56KB

    Download