
General

  • Target

    9eedec7a4c14e97094097b333883a2c27de961be541a63bcd1a080cb702ae40b

  • Size

    4.9MB

  • Sample

    220908-f8qb2sbadm

  • MD5

    e1c124e8bf870e3dbfb35526435b8537

  • SHA1

    11afa279c3987b2790d0c103aa65eaf97030aace

  • SHA256

    9eedec7a4c14e97094097b333883a2c27de961be541a63bcd1a080cb702ae40b

  • SHA512

    601225412c217ccb64ead1e770c170507c8a1cd0dd295e500a85865922428dea63f02bb6285d69b4bf622a1a37988b43a2dc926726c5b803178fb3eba6f2c8ef

  • SSDEEP

    98304:Jqh6Ht/Rsqyf8cHeOvsCyvqqtWJqBvo+kPWbvcWqe8arY+TTiD9axAlLqUEY:4hoduqyfj0xCWgqBvoZW7357TQaxeLq2

Score
8/10

Malware Config

Targets

    • Target

      (2040 2135 2635 2540 2235)kmtwainlang.dll

    • Size

      32KB

    • MD5

      eaa84219d1c0f42cf7abe951d566868d

    • SHA1

      c17a8e5f611e269ec9d38db04bf8cc6f98f0337e

    • SHA256

      b9627ee443dbd4b32090fdd44b8c8296e500fb5e1498b276a4f1bd4e6241bcf6

    • SHA512

      6e046c3f7876989f52a125aea1c796dc24da62f474a762d229fea92c1114ff6365ed1eef44b7302903381dc72cfcb4250db83636459fbc38ac16880bedc87b3d

    • SSDEEP

      192:0XBKaUtzWlFn0yU688unS677iebxUMUiebxUMS7CYuVBoDJno:oKFzWlF0N688wb4bS7CYIoDJo

    Score
    1/10
    • Target

      (2040 2135 2635 2540 2235)kmtwainlang.dll12

    • Size

      32KB

    • MD5

      1844136c01f2c616f858d9f022eb0ad4

    • SHA1

      deb79f81b47fd2be35ea81cf68ec1a8961a24c8d

    • SHA256

      a23fadb3a1f9fa46550ecfb773c7a87b2dbc89ba8072d35131ab491a528d7764

    • SHA512

      9b982e3cf88d7058fca5a9a4c56b40bf401aa564afa2cab13b80f70b52ccde6a53ae279024bdfdb0dbacf3b6e57f9c7dc79ca5140384b0956efdf26828fb9648

    • SSDEEP

      192:nXBKaUtzWlFw0IU688unx+5cKwUi+5cKwUJRuSVDoDJ+Fk1Qo:xKFzWlFB/688iPURuqoDJ++

    Score
    1/10
    • Target

      (2040 2135 2635 2540 2235)kmtwainlang.dll3

    • Size

      32KB

    • MD5

      fe0ac1843dae86f3ba5decd275302e59

    • SHA1

      448691b51ec089dea03596e87cb7f0ac1304e87b

    • SHA256

      0b4b4e6eb1f1176d67c8deda8b12a540de7f5332c6d8e695fbdbb311d37d2dc4

    • SHA512

      80f5e95f05910d6d636ed6ea093abc543524fd4b3e6801c78ddf49541dda13857e02c4e74a11a1554e2f3a66c7d23354fda76b73e0a0f1f855ba3dc721efd4df

    • SSDEEP

      192:UXBKaUtzWlFP0FnnbU688uneHP4UtHP4U9gYuVBoDJ0HBo:IKFzWlFcVg688I9kgYYoDJ5

    Score
    1/10
    • Target

      (2040 2135 2635 2540 2235)kmtwainlang.dll7

    • Size

      32KB

    • MD5

      de9b9185b573e2565d8df7305001cbb3

    • SHA1

      a6a53b251d10bd34f92f79f13791cb310e8f6989

    • SHA256

      48534abc0dade4e52127342a2a4c55a08ce1b401af02c83fa90196a5b708a06a

    • SHA512

      62c4872366d921cd0dc30c0368cb1de3b6c45b474d5b075c2cdd961c3c090e1e9e3d3a90d004ad039a9a11c058d1485e8aef72979695ee4ce6e9c105caa9728e

    • SSDEEP

      192:4XBKaUtzWlFv0KU688un+43wJ4JNUe4JNUMaIYuVDoDJIo:MKFzWlF81688UA1aIYmoDJH

    Score
    1/10
    • Target

      FileOpenSH.pvp

    • Size

      1.4MB

    • MD5

      976253cb58bbc635903e255ee96c3653

    • SHA1

      a3394ecd0ceb0ecfed704ca12b41869d82237691

    • SHA256

      bfc69e310e7cb24806d38349201ae29145e7101b2d395e8a582b38458e8147d0

    • SHA512

      aabba20662bade1180f983cad14088115cc5cf2ddd56dbbe724db1c8bc3d2ab7e2e0399acc523879e5681a31ffb485b5e7735feb1bf1c1ed6c433d89bcbc517e

    • SSDEEP

      24576:Dw6bq34KJSQd4ykrwnFQpP6EwXfxhhxmazdWGwxOpBLyCJoFQJu:06G3RF4TwXfxhLbW8XhJoFQJu

    Score
    3/10
    • Target

      GetPcInfo.exe

    • Size

      51KB

    • MD5

      7d86825997f4e0c8148348305143b31e

    • SHA1

      88d0fe78e0d864dc6a9c2ec1f2864b5134706cd9

    • SHA256

      57781a59099783729ee4860e224212b137c59075a188365130b347905b62cd9b

    • SHA512

      8fc87ed3a1c0c62c189f99fe98ec93e114384b0d1d2888ac5048e7b66639ef43cd83156ec78549d1f87ef0d7f44b38cd6d3948e4e0915d64c5991ba5f62bbce7

    • SSDEEP

      768:X6F4HxkEBJOuzRORwonmp21x9jL/Kn23+zj3:X6YxTcuNjonfzVn23

    Score
    1/10
    • Target

      Index_dll.dll

    • Size

      1.3MB

    • MD5

      4f314dbbfa09d74bbf839bddc3f42a8c

    • SHA1

      d251c5fcf14cd7353bb9f698fb0a5f8b4874c9fc

    • SHA256

      51b2fc04e6e54ac7d0fa2840ee7e82774266baab7fed6010c061d2f0bdc87858

    • SHA512

      dfae9abf617601c0d15712324d4ab58e0357354bbb50892eb3c9aaa49910707d5c236d69582e3e74781f3770f65e20ca690baff03a543507baf57368d63f1b35

    • SSDEEP

      12288:4ByKw8GAxGoWjs1aypa1jkOngBkcR8Fog9fka8di9UamKHGPtrG5XXlizk0:048GAxGoksXpRrBReoA8ILGF/k0

    Score
    3/10
    • Target

      K3ICWorkFlow.dll

    • Size

      40KB

    • MD5

      114604af15ac092807342b607c113436

    • SHA1

      657a7030742b1e743f5105b1b2cbce3e26b6284e

    • SHA256

      98cd641881cd1e86deb98eb8bea2b349fcff2272e3fb6a9f4f928f358588ee6a

    • SHA512

      04ab6c6acb386a5a4e1c9ce154f8b0b2141163699afa9de270828e61921c0b5ff112e5b2822593a273c65f8855139d47500ed6081036bff4a0e60837b744393b

    • SSDEEP

      384:6aCKzWj9oR9T3Pt+U7Vooux1nB0XlKEX3Rcmt4ODL0s0rKXV28:Vt4u9TVVSx1nObH2G99XV2

    Score
    1/10
    • Target

      KmInst32.exe

    • Size

      504KB

    • MD5

      f826fedd433599be90125a26ee3f6d4c

    • SHA1

      08bcef9715aac68539dab3af6070bddf003b2233

    • SHA256

      ada21c56d38f43c38305e6ed1bb2bdde7a938589025d31f91c8f81e690ad5004

    • SHA512

      8861bd3a6cea7fff3ff7265238be910f4edac3b597a096a0dc80cdde814cbeab21704ad66dd06d45a001da7dd045dc8450ed95c6797c0facd6948a1134bc68d1

    • SSDEEP

      12288:RDEmuwh9ynWP0ZrDY+zqfeaNZlBDhzxov:R7u2InfZrDY+zqGiZHNzKv

    Score
    1/10
    • Target

      KmSetKX32.exe

    • Size

      323KB

    • MD5

      27b1aa4e10a7880c7548427de6ec508e

    • SHA1

      03e745f79d2adf68b29bb464678d28dfe5a02eec

    • SHA256

      2d297057de50093e6c55ffb2e625e244d7a6cdd4f1949a3b317324582b9be9ea

    • SHA512

      08b1b066e9acf3854b77be0e8a03e7b70db08e9f91f4e50a82ad762323f6436118b08fd4fbaf2e4caa97a4a180cfd6bb5acd3158f0b799c6785d59c15d3385e0

    • SSDEEP

      6144:d+qfUjbNlCOXWj9ehplA/6a9nXcQk9NLPIMWAof99TBCtsK:d+qfUjp4OXW50LG6mcN9NkMWAof99To

    Score
    1/10
    • Target

      Netviewer.resources.dll

    • Size

      1.3MB

    • MD5

      8ada1585850bf3258b297eb2a2536dee

    • SHA1

      8a42932ba407fc4736cd1e87b04bd8fe1e007b0e

    • SHA256

      3d365d01532dc432304cb3ad87b4b86764c9dd8882b0e84beecdb62d1bb35d7a

    • SHA512

      f0271dfa1ca42caeff6e1a96ce025c69d9027b0a4d7f456da0c2c466a04fc6093d52b3f7be04c922e892014e4da35399f77e9086040cd3c07e57d63ec027ad1a

    • SSDEEP

      24576:6JEFdNOvry0NyuSOnjygOCnh3yD7HZZnvEzOV+gWTk5JEFdNMVEFdN:SEFdNOv7omjyRyhiDNZnvEzOMnkbEFdZ

    Score
    1/10
    • Target

      PFXRsaCertDown.dll

    • Size

      2.0MB

    • MD5

      d89ca85ee33124766808c7ac969abb98

    • SHA1

      92931cf7db3db42406eea8faba18eadea93e9341

    • SHA256

      c2ee6eac2678b0d1e6ffaeb6b97e035b91811070f64a3d6d62b89315207507e8

    • SHA512

      337c2caa72741c8264ae025c5f64f2c1eab610c2549d458321ad24ff9742947a116c208d1a0e8c6e9dc0a336fd922888d8760bc8e9ee3df357484bc1d4bee480

    • SSDEEP

      49152:i47lDVCpTJmjEjrYTDg+9YwR/mqJx7KuQ3ufM:imDVgmoXSDgQYkmQx7KuQ3e

    Score
    1/10
    • Target

      Pdfcore.exe

    • Size

      85KB

    • MD5

      195dbe2351eafab58eab820b6b1e282a

    • SHA1

      c39729122a15f10bc1169f1873a0f4d67fda09c2

    • SHA256

      2925ff88ea625ef40be73fab62e6749b6ab56444e668b86b5a6c190d2e0605c7

    • SHA512

      abb12fcf1e5222bf0caaf983fcdbf946581ebb06307ee743bf4282d3332c795bcca2277db59c8e033f45c0f8999e6d1dff896c5dd4034b3fe949a463f648da37

    • SSDEEP

      1536:6mW0gJSH4OtJAGRD/r2zkHLMAKJyGykyXRImXo5HG7BIUL:g0f4eUkHLQJV0ImXo5HcqUL

    Score
    3/10
    • Target

      SafeDogGuardCenter.exe

    • Size

      1021KB

    • MD5

      ab86e7053c42a6410f0d05a14dfa595b

    • SHA1

      0f829850c141bc9dc246784ba7c60751b7637325

    • SHA256

      a39bc15fb5a82a9a922a16d4ed9008dfb3ca842504b45c0bf42be468f357ed2d

    • SHA512

      fa02316c03a0fdddc59c41c55628a1e2b2e737ba1000ed3aff7f41f0070fab8cbe4467fa6395618db631bd28933aa1bdf8fd3e4690a996c9fc6f607bff333c1d

    • SSDEEP

      24576:t3tKn1czU+PITxnHnkht57ECVjSxWG8P+v8YzWSP:t3TU+PSxHkl7EW8q+kYl

    Score
    8/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      SafeDogNetDrv08.sys

    • Size

      38KB

    • MD5

      3e45af072b43e06e74a519d015eb60a9

    • SHA1

      a5478ad7edfe7d5071fcc2e59a361dc65539affc

    • SHA256

      23ad2da55fd36fe6a16ab0aad240cacf0d7c27d39bc684b777cfef191f17f1af

    • SHA512

      85b5f282721bd7c315e888b6d66ddd9de0da77c9422935e01693d2240a1207da723adb232e9ccf7735943e8d67e350b3e9abe02ffaadb7feed0de7ce6f03ed24

    • SSDEEP

      768:H4ekD1OUp+PUyBa6/NAMrYs91v1J65Vl+jE0CSc:01g9BZ/NAM0s9V18l+jL6

    Score
    1/10
    • Target

      hpmcro32.dll

    • Size

      13KB

    • MD5

      5ddeca6443e5c2cf7a4525c47488e496

    • SHA1

      5099f4252b04f3fbae3fb8b26bd81cfb12d694d0

    • SHA256

      72a5d9f7a3f286062a16d3e7b7ffff9530aa8bc81f8de863a00f1ba1becd9b99

    • SHA512

      43d971056e1dca7d17dc451b27c75d15631eaf8e0f9ff54d7982b070194d6a1151792c99e84a1e380bc72669077d94ed6f801f2ea5a39f9f78eaf48569dfdabc

    • SSDEEP

      384:5ZyrNrVUUuirfGh08ZUuux26C0Det+JoNSqWljW:nyz/1r0M

    Score
    1/10

MITRE ATT&CK Enterprise v6

Tasks

static1

vmprotect
Score
8/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
3/10

behavioral27

vmprotect
Score
8/10

behavioral28

vmprotect
Score
8/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10