Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

lpk.dll

windows7-x64

8

lpk.dll

windows10-2004-x64

8

邪缘炫�...��.exe

windows7-x64

9

邪缘炫�...��.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    018ccb051805d210b672f2ce8db20662bb851737d12ac4778e8a630d159ed949

  • Size

    1.1MB

  • Sample

    221127-jr4pwsba98

  • MD5

    da5157b9f8b9701b6cd839d81e05e0d8

  • SHA1

    9b0a944b0bb5a370d7be5c4ca7498e996e37f4fb

  • SHA256

    018ccb051805d210b672f2ce8db20662bb851737d12ac4778e8a630d159ed949

  • SHA512

    b195bc1523a063ddb8cc87b2707f8d0e5fa5e6a375a9836d9caa6e528415aba3eaca41ee73a23f5599bf303582376a5fcf0b94bfc90fd7df117cace11d76c1e5

  • SSDEEP

    24576:YDuOuwNTr1pWnCpX0iD89QeTqfInz+bUHNm+jMgLi7KaJ:YqOhT5mCpky89QO1+b45Ji75J

Score
9/10
upx

Malware Config

Targets

    • Target

      lpk.dll

    • Size

      44KB

    • MD5

      22709df8eb252472147ee0240f36229c

    • SHA1

      5389c09454716c14289a4a653174fbad2f80a604

    • SHA256

      1de7322ff118b46fa90b3c162523d8e58f37bddd28ee0220d8db181fdeaf8a1d

    • SHA512

      ab78efdcdd27282e943d6a7d9960605f400e66a62ffc1e3ea6d10c52d5f79bd96de8d1b532a04cb64c6d5f5e302ab1e55109c321a23f1939e80c99ffd108722f

    • SSDEEP

      768:fojY9PEumB2AOYc9Eej2V+67vrRfUGKQyHsojY9P:KmcuQ2ATcZ2VF3KQyHdm

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      邪缘炫舞转换器(最新版).exe

    • Size

      1.4MB

    • MD5

      d2038754b8299405dbc6533795201237

    • SHA1

      625cdf4154d1b9adabda4f458b325b1a5f901ec6

    • SHA256

      1ffa30fe85f2ba19ef8d8da52cb59e9c2c1780beb31aa893c9c909c5a0ceaf36

    • SHA512

      c96f22d52709ba872b6c5bfda9e6af0a5e607c133decf71d326642479daab62b7c6d7457a3203a5901f5f660cba29213b556b714934a6373556957877859c816

    • SSDEEP

      24576:J7W7aVK4R2jml/LvhTZaqdiXSp0c02uFG6dAk3CMTfWL:JS7aVI47hTZaqdwk0c05HGiTfk

    Score
    9/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks