General

  • Target

    tlauncher-2_72.exe

  • Size

    4.1MB

  • Sample

    230115-mhldqsde55

  • MD5

    a031e1e3b283e3cc9f895e337b0a6e18

  • SHA1

    b5bc0da7ebab8655503a9c5de06691f4cf16ba20

  • SHA256

    69ac13de7f6c4223b05baceb4da9c983849de3ef139cb66ff26902cb6a3c15b5

  • SHA512

    afa6cf17e7e918e4835589a540d17d98d1dd651049f7079c42211fe8ceb3be706a2362e04a37a09c77854d5a463d8db1200767c482c9ef97ff0a39f4a4124b0a

  • SSDEEP

    49152:NnOpSqSRk9kmBlOLc85/kJsugaX3NgfT+UO+DUtFNmnVg6kIVuQ2fiFpJM:NnOEqmCBlOLc85tuxNgf4lCjHdM

Malware Config

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks