Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

ERawSock.dll

windows7-x64

1

ERawSock.dll

windows10-2004-x64

1

EThread.dll

windows7-x64

1

EThread.dll

windows10-2004-x64

1

UUWiseHelper.dll

windows7-x64

1

UUWiseHelper.dll

windows10-2004-x64

3

ZMApi.dll

windows7-x64

1

ZMApi.dll

windows10-2004-x64

1

ZMApiUpdate.exe

windows7-x64

1

ZMApiUpdate.exe

windows10-2004-x64

1

const.dll

windows7-x64

1

const.dll

windows10-2004-x64

1

dp1.dll

windows7-x64

3

dp1.dll

windows10-2004-x64

3

eAPI.dll

windows7-x64

1

eAPI.dll

windows10-2004-x64

1

iext.dll

windows7-x64

1

iext.dll

windows10-2004-x64

1

internet.dll

windows7-x64

1

internet.dll

windows10-2004-x64

1

krnln.dll

windows7-x64

1

krnln.dll

windows10-2004-x64

1

script.dll

windows7-x64

1

script.dll

windows10-2004-x64

1

shell.dll

windows7-x64

1

shell.dll

windows10-2004-x64

1

spec.dll

windows7-x64

1

spec.dll

windows10-2004-x64

1

ԵQQ...��.exe

windows7-x64

8

ԵQQ...��.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b59997f4efdf54a64dbbcb60c98d02dde50772b39552f9c7bd9c2fa809887b3

  • Size

    2.5MB

  • Sample

    221127-gjsljsdd85

  • MD5

    273ea77cec1653c666752ad50ee3a75a

  • SHA1

    17d4a00bfe37c5f7dd80a1c085166b485f58458c

  • SHA256

    7b59997f4efdf54a64dbbcb60c98d02dde50772b39552f9c7bd9c2fa809887b3

  • SHA512

    b71eca1d584cb0525df008e3cf26dee8a64ff3e548dbbc216a400f3e9aece5976b75ee3a81a57dc3c06d9a308efef3ba4835f1c540f7146ffe98eff473ceaac6

  • SSDEEP

    49152:1kUwVwJK4QaTrWcgOIIr9EEVH+OzWp5ZsoSeDeoye7RuGBonLMdHY1Y:yUtJdGcgO/yEVpypXS8LuF4HY1Y

Score
8/10
upx

Malware Config

Targets

    • Target

      ERawSock.fne

    • Size

      92KB

    • MD5

      577b8d7cc60a2d1d9f1cb7452e0c9d89

    • SHA1

      5a90271bf34822272a1fcbe67423fb4a6a211b35

    • SHA256

      41af6af59f843c56227c9ea6871e09dbec099c1e825d6f20e075d39695457c68

    • SHA512

      0e293bf6ed64aae4943609e33e7b6f29b1d73237f23495870a8a6f5321584c884230cdb67aa87051c2acedf29402fdf5e844ac04d67968511e78b24d48ab30da

    • SSDEEP

      768:9GKvtyovvpnKbKQ0SB0XznoVPkYTrymAo68VKR1QQg8+F7aa8iB9vD1uzNV9wGjY:9HtT1odVbTryS68VKPKIa1e39/o+5A

    Score
    1/10
    behavioral1behavioral2

    • Target

      EThread.fne

    • Size

      60KB

    • MD5

      206396257b97bd275a90ce6c2c0c37fd

    • SHA1

      3cae4506a033cf7e97156d5261f2a247c6270f42

    • SHA256

      64eef86745d7ae0168fec357099e2e952ce74ee19576d06cc8c8c65f210cc22c

    • SHA512

      4c23e52b5b23b305c3172e01dd205e15fda8f20f8b60776ba59d080bf05bbbca456a0ed232f2e2a2bf01d32efb913063f89fb4928bc4d5d1c1eb4c4979803455

    • SSDEEP

      768:r3gWNW3gyVNWTmOPMJcyS6K7viaViB9V5yHQ6Fq4oCaJa2OJK:TXkSTmOP0Cbu2BboCaKJK

    Score
    1/10
    behavioral3behavioral4

    • Target

      UUWiseHelper.dll

    • Size

      278KB

    • MD5

      15ef8e544bfaad59e2ab040270a32229

    • SHA1

      9749ae58615bd80806e7e92fdf14c6a844521fc8

    • SHA256

      ede9399ba241c1820a7ce9a15f2af78814fa493175132c03cb3e1d6d5a74750a

    • SHA512

      521bf5fea2ab65eabb995107d83e75a5980c81d22fdae07af5fdfc35aebae9c05f307ba986348d98ea11949d0e3d669d5f68b41170a4da352274f7ed49351c45

    • SSDEEP

      6144:mba33K5BsPm1voVlpB/z9xtUnwrUnhHgB5f0k3:p+BEpB/z1UnwAnVgXck3

    Score
    3/10
    behavioral5behavioral6

    • Target

      ZMApi.dll

    • Size

      292KB

    • MD5

      97f5efa288eda2b70388f0900f2fdf35

    • SHA1

      3d3ef1bc1ebbe172de61289c49a95c9dbaba940f

    • SHA256

      ad0da0c9dc2196527ce9cc208cfe10e40bc746553a16387909afb29365c2f62d

    • SHA512

      2ce182d21052729efb959cc9422943896315e334c73c381c052502c4f04afcf72b5f30bd952abaa5dbe993d270e989fa2ecd484404bc8e24b4f19d89090bf4b9

    • SSDEEP

      6144:135zm5Oysu+wf3Qe1pgT6vH5UUNmBvvaH:13lm5Oy5/fgm6T6RUQiv

    Score
    1/10
    behavioral7behavioral8

    • Target

      ZMApiUpdate.exe

    • Size

      304KB

    • MD5

      c1324909cef8accaa96237d6f921a218

    • SHA1

      3f3c0dc9624c3bf3c3c0f62ca5b7d4ed2221f259

    • SHA256

      db939d66b9e8db6043a55fc20d9282461542ca33a3010251e786ac700ab5381c

    • SHA512

      76d4b138353fde3fc3ecad68f9fb3b606c3b77790ab54ca6f8ad173140ae0fb2cd9c5ecbdf6eeaf6a59f225af56360fe20a787d811a2e2daf2ee270e754db229

    • SSDEEP

      6144:M95Zd9cVy3OFkzE+GFjtpp8NJdvt/I7wA07z1pdSZNtab:M95Zd9cVy3OFF+GZtpmNJdvt/I7wAC9I

    Score
    1/10
    behavioral10behavioral9

    • Target

      const.fne

    • Size

      952KB

    • MD5

      1718e9013e5d5a4d0e6b4890be957e37

    • SHA1

      d3684d849d96e4b1712206f07d737a1cee94716b

    • SHA256

      6d00e79b70e57209ae623f59480e3255d87a60858da87dcc751cd3018796f759

    • SHA512

      6b1b2a538346bc73c30f24eb06ad217b1bbb80e880551e6107e7a0e286321e32823e3a4b6c12d1a8e34b416324247fbb5f93b54fb4f838f13f3174072e636e71

    • SSDEEP

      12288:Cqh/i7xvXMrYsah466BEqAoketLGQQA51ictk4m:CqVCsaJOAiGQr1ica4m

    Score
    1/10
    behavioral11behavioral12

    • Target

      dp1.fne

    • Size

      128KB

    • MD5

      07201b1fd5f8925dd49a4556ac3b5bab

    • SHA1

      a76afbb44376912f823f2b461507c28d2585a96c

    • SHA256

      abebbb0981d3d51eb63abcfa68be98da0cae4e6e3b143dd431fc845d1457dbd2

    • SHA512

      0cf673ce1b6cad38f0211231e876f00f6a8397a5f3e71680046f4a216bbe0f47f4541e5f5b49364310e41a04cce14703459725c3d9f052f9da13624e73753e12

    • SSDEEP

      1536:tiDSn+hfeTpCwAncpZ6Z8HTiQjl1sYiKG3oe/:UDTReTgwAcp9lqKG3o

    Score
    3/10
    behavioral13behavioral14

    • Target

      eAPI.fne

    • Size

      308KB

    • MD5

      7c1ff88991f5eafab82b1beaefc33a42

    • SHA1

      5ea338434c4c070aaf4e4e3952b4b08b551267bc

    • SHA256

      53483523c316ad8c022c2b07a5cabfff3339bc5cb5e4ac24c3260eea4f4d9731

    • SHA512

      310c90c82b545160420375c940b4d6176400e977f74048bfe2e0d0784bc167b361dc7aac149b8379f6e24050a253f321a6606295414ea9b68a563d59d0d17a48

    • SSDEEP

      6144:yE+ULyjYsLavN8JFhOyccPT8oV2wQfRayWjG:yoWRVXUyhIoIwQ4VG

    Score
    1/10
    behavioral15behavioral16

    • Target

      iext.fnr

    • Size

      204KB

    • MD5

      856495a1605bfc7f62086d482b502c6f

    • SHA1

      86ecc67a784bc69157d664850d489aab64f5f912

    • SHA256

      8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

    • SHA512

      35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

    • SSDEEP

      3072:qOs+pOZXaFAO0shQe9lkvelFv76OD5KoUThiL5t3gIn:C+0cB+vebJ6iLTF

    Score
    1/10
    behavioral17behavioral18

    • Target

      internet.fne

    • Size

      188KB

    • MD5

      7b129c5916896c845752f93b9635fc4c

    • SHA1

      e3fc632af5e1f36e8022e651f64eb8f8381c73c3

    • SHA256

      adc45970f4a0eafd2f372302f64836802380c253096a99ca964677a70a7128f8

    • SHA512

      c72dd4043e7cdc0ccefe26ce8a6d05701b4c610f88ab827e6731296da76b8cbe5b63c0970954ec7616369172b8b8f9cb546545271be3e86c18c54d0b9cad8f95

    • SSDEEP

      3072:mpTEys+TR7yRoHzXjlhvtcxVIThpEbbAKNXoqlSY9M02MF8:mpTEt+ycLHlCIThpEX9+XM

    Score
    1/10
    behavioral19behavioral20

    • Target

      krnln.fnr

    • Size

      1.2MB

    • MD5

      81c22cc42c6bcda834ecbc5eadaa35fd

    • SHA1

      18d75f87b15497e786e34656721057a66bf3e834

    • SHA256

      3e6241fc94443e8e2c6b2ec2298be385786079f0c8c3503c72b827796233e585

    • SHA512

      4fe7dd4713fad03ac6583bc12c188b529334b596ac9eb61dccf5c8cdcbbefc758fb119cf730f1eb1fccd23c6a251ec0c1714d074434b75c23fcd828610df373a

    • SSDEEP

      24576:zbFW06TIbzm62/OzW10uqxqjfHgDMJtZSUJvJIqlM4B5:Xs96xz1xqbHjzp5B5

    Score
    1/10
    behavioral21behavioral22

    • Target

      script.fne

    • Size

      164KB

    • MD5

      f8a655e81afbd29bffb1529eb81c0bce

    • SHA1

      7b1f082a1f8af3921536703ee4372374d28b6f05

    • SHA256

      775f7b81401b9ee7b0a4f34809ba55c6bf816b21471c1c0797a386707da068ad

    • SHA512

      537006acb144ada6f9499b08b42fa9e7d49c5ed040a8b1bc82742cb64efed7fed0f743f768cfbf382e9cefcc59d9b0f5e66198ddcb97d4c710ba36aa15a33a67

    • SSDEEP

      3072:CPb/Y2so9Mmaf8XKcHs4Wzuo2kOpSznaF4z:u/IjxfApkz

    Score
    1/10
    behavioral23behavioral24

    • Target

      shell.fne

    • Size

      60KB

    • MD5

      98174c8c2995000efbda01e1b86a1d4d

    • SHA1

      7e71a5a029a203e4ab0afc68eee18c39f4ab4097

    • SHA256

      90284c2ead0598faa715cc90c1f53b83b916099c918ce7f816f0b4550ff55ac6

    • SHA512

      a37059062a99cd2a9fae15850b49068752ccf0be9f1d86c3f812a689b7c4d024771ec2b66adf9ce950bc5b8b117d457aba87d586cf112a1a30239531bfc8cd06

    • SSDEEP

      768:eeZWaAKT41c1IYc8HBbrYNYVw2Fj9oNIqF42eofVU:eBKT4fkrymV7oNIqC8f6

    Score
    1/10
    behavioral25behavioral26

    • Target

      spec.fne

    • Size

      72KB

    • MD5

      bd6eef5ea9a52a412a8f57490d8bd8e4

    • SHA1

      ab61ad7f66c5f6dfb8d28eba1833591469951870

    • SHA256

      0c9e6eb8648f4bf5c585d5344035e91c3249bb9686a302503b4681b7ba828dc0

    • SHA512

      1c43e50270eed071c8ef35e1c4695a93b9f98e668d4aebb44eb3b620efd2624b381554d2daf2d017f764b485e060abd589216043adea19eac94028ce66cc2025

    • SSDEEP

      768:zFYJh2NrjSv4ol1WAHcTtEWC9Vm0yws7oP8NiB9EhyTWV/h2nokCqytGSgtvag/:zrrev4olRHcTtD0y7o0YUKokC7Idp

    Score
    1/10
    behavioral27behavioral28

    • Target

      ԵQQȺѰ.exe

    • Size

      18KB

    • MD5

      7bbb08bf1c4f85aa3dad85207fd2b4e5

    • SHA1

      88e177e3606289ee18814317762e54d00cb2df94

    • SHA256

      7af5312871230d82202e040567a5053a5a3f325b9946e2925bce86364b19c143

    • SHA512

      c7641e868abc5e6b209e15679f92340340ed4a62d6173bc06764ce4943b3683f33eb965199613b7250fd84c5b23f104a5ad0d00e8641d9eb754abd926aa8ef09

    • SSDEEP

      384:2mECh9LLRctSwqrLQU5B+SS6nl9wv6Ohttitcv9BCGRw2qp:2aFLRctSwqr0U3+wyBdb9Rsp

    Score
    8/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral29behavioral30

MITRE ATT&CK Matrix

Tasks