General

  • Target

    R3306194_38_ApplicationSw.zip

  • Size

    79.7MB

  • Sample

    230203-jzjppagc7t

  • MD5

    ea36b7da10d2dcdaec232eb5406e011a

  • SHA1

    b7b41bc7eb9b8a151d40733b6727abfddcc81bf5

  • SHA256

    eb813966621a14ba1a1157c568b00d21df3cf11ada06d95a3962e62bd99555f3

  • SHA512

    45d293416e817b3057353fd5b3cbc933122bd83c85f0e436b8faad1d048c45b22e608ba4b7d57f542fe1b53048b0248aa6607051a9c72f84e67f24785ad4dd1a

  • SSDEEP

    1572864:uJK8ZLyraQ9rmarxRphvUIjpP6Iv9X8D9UInB/xrfqRQ:H/9rLr06sbBJqRQ

Score
8/10

Targets

    • Target

      ClickShare_Installer.msi

    • Size

      79.1MB

    • MD5

      26a9951bdb991906ffcaf0d2bc776882

    • SHA1

      2422abead3e97b84afd2bb5319c6badf24f3af3b

    • SHA256

      56e7885faf4acdd5e56f96e8444d5bdfeecca647d7cbbe44560361bce54dbd31

    • SHA512

      13e211ff39d3c82d7e1d7b234de3ac31d70b1ae3b2bad22850b451cbdc1e76bd2d0679a1479aad2e12ff102ff0dce9eeb524d796fd5b64f5a67df1e1d393d186

    • SSDEEP

      1572864:MOYk5tM3pR+VFQcHZBjVDoM7l001VT1CgTIGZtBgf:GWVFdHCi0kt

    • Score

      8/10

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Quick start guide.pdf

    • Size

      835KB

    • MD5

      f36ade193c8abd1b7cac5ad4dfcadf6f

    • SHA1

      bab7bdf44fa9c683aef98c53ffface27d8caaa70

    • SHA256

      620f0875587f038844eb1d43d35d328adf405cf8e57107127a3005c90d88a9ff

    • SHA512

      3f47ccb80a9d4cd72c95e2a5ab82eec4c9255c114666db034fc44009dae32779ca79b89f1b39c51ccac7c1fb94d99dfa82395e83ed2b0ddd2fb0be8239ef921b

    • SSDEEP

      12288:h/dIr/xNvXgqt4TzP6Zx5Z1VdKUxeaCos55d0G0nHYoLSi0P6BnM1TTQfDXhRmLt:h/uNvXgqisHLMks556xWaAYfDXhRmLPV

    • Score

      1/10

    • Target

      [KB11496] Deploying the ClickShare App with Microsoft SCCM.pdf

    • Size

      757KB

    • MD5

      f2e87dab2a596337f670de0ec086bfae

    • SHA1

      8f8bdc3fae1d477369fffe0447d3f2bcc70d4075

    • SHA256

      24bf627a4b5d741ae500676d7a8e3ab38f783c10d45c34301e6a8e013b544788

    • SHA512

      36d802da7d6f8dbdee9fe72209eb08cf7ec9c4da9d17018385b95f6f3eaae2c2eaac80665c9923eb8a3d5afef4f9477c80828fe2893ef7a9dd39e7df484aa94d

    • SSDEEP

      12288:itF0eH1pXHF4zdLDH5IFXlMk2eH1pIZJplDhXl5XUBQmV5XUBQS/2a:ij0QH3SdXZHk2QHmjlhVPmPSV

    • Score

      1/10

    • Target

      [KB11526] How to uninstall ClickShare Desktop app v4.3 massively.pdf

    • Size

      80KB

    • MD5

      fa4c7a4043d096f7ad2e8d3e08a0bc8e

    • SHA1

      a844436a8d05339a7ba1a46a24101f7d8903b5dd

    • SHA256

      d6bfc0d6829540780d63d1dc579c9872ecd56338b6bd28116d4cce0f712c32e6

    • SHA512

      ffa0b5807efa8fbd18c5a5dfe5d56cec8109f3cf04ffba06900251652efd65dccb9ebc3632b193685e654adf964f9f53329fdfd31cc4a82711818a14358283f7

    • SSDEEP

      1536:mzrV4J7Jo6YxhkLDx8SodCR6Li4NZIOakdubrJ0eaiePeJGsYF153KFxFB:6U7Jo6EkLd8So8If3O8PekhFaZB

    • Score

      1/10

    • Target

      [KB12000] What are the available parameters for the ClickShare Desktop App installer (MSI).pdf

    • Size

      86KB

    • MD5

      fccfc1eb3d2336b5a901dd03893fa386

    • SHA1

      25fd9baaddddace35f474009af0160e2a0fd6ea1

    • SHA256

      5f4e87d255a5d9e0caafa034550721998d4b2c6b2caf0ddf62374ac43b40bb8b

    • SHA512

      e7bbff5d43dc3c2d249680048b7c1ebde6e0a1507431a91f58c5a5588b811d101ee0719915f744c01cfedd63cc626ada578110c0446e65fea8ca6ed473c0cf35

    • SSDEEP

      1536:ds8vunZWwRaAPCZM/UHzqb31Di3dr5Wo0khcHfxPVDkH02dLz3IhXGv:1CuM8HMY3drX0mcPRxXGv

    • Score

      1/10

    • Target

      [KB8544] Bulk Distribution cross your company.pdf

    • Size

      100KB

    • MD5

      771cdb2939dd13dd636d27ba85b1fc84

    • SHA1

      891849c0ab7f4df8bab25e2bef0ca3b3c7d9e01e

    • SHA256

      39b281f23759efbf2d299f518dfc68f3171026e128e5bd3379ea95082a7b9605

    • SHA512

      942693b91c79789d8ac6df7e10e4d9dadce175b1f92e0f8f4f16d2fb76d0a176c3a4f06ef58a56d4b51a16dd77e8d01cb152667c25f73732bda23b301a8a3470

    • SSDEEP

      1536:NXl++czPTGNsEv4fgEsZz2tGrdI76dMZgUFFCQIbNKgyabedogArE+:1lPMPesdgZZdQvFFWeddEZ

    • Score

      5/10

    • Drops file in System32 directory
