Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

FakeClient.exe

windows7-x64

1

FakeClient.exe

windows10-2004-x64

1

SECOPatcher.dll

windows7-x64

1

SECOPatcher.dll

windows10-2004-x64

1

SetACL.exe

windows7-x64

1

SetACL.exe

windows10-2004-x64

1

SppExtComObjHook.dll

windows7-x64

1

SppExtComObjHook.dll

windows10-2004-x64

1

WinDivert.dll

windows7-x64

1

WinDivert.dll

windows10-2004-x64

1

WinDivert64.exe

windows7-x64

WinDivert64.exe

windows10-2004-x64

cleanospp.exe

windows7-x64

1

cleanospp.exe

windows10-2004-x64

1

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x64.zip

  • Size

    656KB

  • Sample

    221203-lfy2dade21

  • MD5

    7a0e898fefa75a8ce80d87349c631738

  • SHA1

    a4c28f7919caa07018597f6c851087228e5f22a1

  • SHA256

    7cfb539c0522d4b48ce33a2b781b2ad2b4f5edb6be6ea44ad107eaf7de729907

  • SHA512

    aaa0efb85122c6394eec40f9800a2d0f87719ae5c4424ecb1a91328e2717ac3c31392fbdfeae229fa4fa9fdfeb335b4d3fb69c09ef03bb1bcb12acd3feea284f

  • SSDEEP

    12288:h/uTdNdOA26X37M40Xdl2Jg9bgKxLb//Fe5FnmSLKd4jkmoRNwM6N:JujdVX3o4UTdb7bWFmN4IRNwM6N

Score
3/10

Malware Config

Targets

    • Target

      FakeClient.exe

    • Size

      10KB

    • MD5

      6241a145a6bc3511e7690dcf107cefd8

    • SHA1

      3052b10e7356bbb71a0519d9c089ce5ae18d4b6c

    • SHA256

      2218293e4442deb06e398aa0357aef54df377b95e46b6ed79b48b65b666c9405

    • SHA512

      8826f64b587df90b7990aed548644bd76e14c95763fe0175901f6d72e05666372a1694013a92b8b6da7a643aabc43df0dbd1703117667cfed2955a19845c4b83

    • SSDEEP

      192:bFKnhMRmaT0Tg6PDKwZg7UVOUxPsUbWeJuanksAP:bFFsaT+gMDZgI44PB9ks

    Score
    1/10
    behavioral1behavioral2

    • Target

      SECOPatcher.dll

    • Size

      6KB

    • MD5

      5c5dc1d8085a9df4cc44f5f39630297d

    • SHA1

      5f82a6b89bccaf37849b943c99b49fac204f7450

    • SHA256

      a6b7bcc8e941a7aafb8c077dc4b17344a965e7e0da0f012d24f27b982434850e

    • SHA512

      9e9029ded4cfda70a229b88ca0088b53703dfa8ac8bc88da8a8a8c8e8080f87e610d4f42900a8d7619bf87cb95c887557dbe3054fd6663a24f07f00f074d9ba1

    • SSDEEP

      96:G9lk4Roy4A+WJAHOSmTsz7TRHWfUwtdkS6hJTZNZ6tkG:G9aHy4A+WJEOSmAPT6VdkS6hJTZr6t

    Score
    1/10
    behavioral3behavioral4

    • Target

      SetACL.exe

    • Size

      546KB

    • MD5

      3e350eb5df15c06dec400a39dd1c6f29

    • SHA1

      f1434cfef2c05fda919922b721ec1a17adb3194e

    • SHA256

      427ff43693cb3ca2812c4754f607f107a6b2d3f5a8b313addee57d89982df419

    • SHA512

      b6b6cdfe2b08aa49254e48302385a3a2a8385e2228bdcffd3032757acf1a1d4abff1270f5488083cfa4480439ff161a9d0ea5f193cabc1eb1e7b1255ce262ab6

    • SSDEEP

      12288:ZM9AwIce16TCkcgxjouFmQGzt/B6QziZUt2qaV7se:ZM9Sce16TCkcgxMuFmQGztZZiSAqA7R

    Score
    1/10
    behavioral5behavioral6

    • Target

      SppExtComObjHook.dll

    • Size

      18KB

    • MD5

      95f143ec661a5da85c3c8199d9fe06e7

    • SHA1

      94ee8c5856dc0570a8f12cd08ecb0560f3a61908

    • SHA256

      f239c27b50cef792fea5b34378fbac83bcc06b8442d508bd9add7ddf8ca5c632

    • SHA512

      0fe0304f4fd4810a6aab5f35410b195c44302332c721ebfdb1c87e3081ec98a9ea9ec796bb135883ddf2906d82db51d29e34017c989f4f8ad4e17bbb1b00781e

    • SSDEEP

      384:QKSNkidSydP2bVSxvdor3nu0+BrRrbOj2tKABxfvL33k:b8mW+nu04r6StKABm

    Score
    1/10
    behavioral7behavioral8

    • Target

      WinDivert.dll

    • Size

      22KB

    • MD5

      ee42f18f56e8ab20103d0eacc6cb3056

    • SHA1

      8f75e1e7d1d1982d8bd57026d76fade124fe51f9

    • SHA256

      d0d8e5806952ce8f321d106551c680afe5a074cb9366a54282ff83397c64c27f

    • SHA512

      7823620af8ec86b4dc4f4e5c77c7adf6bbf44405f6074629261c2067691dc72521fca44066f998033f40b8ef79b2361a7d5ada1e16c48943fab8e1a7c5f508e7

    • SSDEEP

      384:MgmtcPxf7lWWu83b0zg0HFjCoP5O6F1pgaNHbBmLGgIgXc3pH2k8m73eW+AyfjQ9:rAcP59uEb0M0HFjBhB1d5kigIgM3ph70

    Score
    1/10
    behavioral10behavioral9

    • Target

      WinDivert64.sys

    • Size

      46KB

    • MD5

      d6f42128c81965e12578feca7dac500f

    • SHA1

      5c4576bd6409d797334ec17188efe696c9cc97fc

    • SHA256

      9026147943bd44a1eb5e2f0c89cc8f441c7d1f13c1571aba54e262d2e7354798

    • SHA512

      6fd544f2dc11fbae6492157dbdf07effc5a3080a14350d909542bdef974dfa8f7f4d346506086ba0ee90ecbd2f6b107dad84df17e4825962ef51a135c7b4ce93

    • SSDEEP

      768:eiVoBvoIJZurl94Sph4oQ8OlucwYOpClY7YmJrUJuhr3fz1:5VoBJGcK9e2YmJYqvh

    Score
    1/10
    behavioral11behavioral12

    • Target

      cleanospp.exe

    • Size

      19KB

    • MD5

      162ab955cb2f002a73c1530aa796477f

    • SHA1

      d30a0e4e5911d3ca705617d17225372731c770e2

    • SHA256

      5ce462e5f34065fc878362ba58617fab28c22d631b9d836dddcf43fb1ad4de6e

    • SHA512

      e0288dcf78092449d9cbaef4488041131925387c1aedc9e9512da0f66efe2fb68350ca3937f6715834e62e7c931c5dad0fc8bc3c6c0c3daedeff356d6feaac2e

    • SSDEEP

      384:gQAInWKpEFFzpjq37oIOU6GHq33QPiu431VP:gxWTpOFagUb2qiu43P

    Score
    1/10
    behavioral13behavioral14

    • Target

      msvcr100.dll

    • Size

      809KB

    • MD5

      df3ca8d16bded6a54977b30e66864d33

    • SHA1

      b7b9349b33230c5b80886f5c1f0a42848661c883

    • SHA256

      1d1a1ae540ba132f998d60d3622f0297b6e86ae399332c3b47462d7c0f560a36

    • SHA512

      951b2f67c2f2ef1cfcd4b43bd3ee0e486cdba7d04b4ea7259df0e4b3112e360aefb8dcd058becccacd99aca7f56d4f9bd211075bd16b28c2661d562e50b423f0

    • SSDEEP

      12288:3gzGPEett9Mw9HfBCddjMb2NQVmTW752fmyyKWeHQGokozS:QzJetPMw9HfBCrMb2Kc6ymyyKWewGzUS

    Score
    3/10
    behavioral15behavioral16

MITRE ATT&CK Matrix

Tasks