Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

download.zip

windows7-x64

1

download.zip

windows10-2004-x64

1

setup.exe

windows7-x64

7

setup.exe

windows10-2004-x64

7

setupapi.dll

windows7-x64

1

setupapi.dll

windows10-2004-x64

1

verifier.dll

windows7-x64

1

verifier.dll

windows10-2004-x64

1

version.dll

windows7-x64

1

version.dll

windows10-2004-x64

3

vulkan.dll

windows7-x64

3

vulkan.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    download.zip

  • Size

    7.4MB

  • Sample

    230304-y362qaeg72

  • MD5

    5adf52c6391180f98b80beaf83341a8d

  • SHA1

    fd7a36d88dbab6e4c2f105a428c70e6787038e49

  • SHA256

    ab5268c60129d2e996824459f1837505c828184d08843dee542dc1e9a90db70a

  • SHA512

    65fdbf087d52b260b5422fc9cfe110afee4d5ba2c07feed412749e57a6f56b64f6f5ee9ee369f58f1d739c7cc347bdc751c0233ed9a0d77a9af7313881fd18e2

  • SSDEEP

    196608:wmkUojXf0/4i4M22TFZODkbRudGPZsFL8:wmojdVM2WsDk/CA

Score
7/10

Malware Config

Targets

    • Target

      download.zip

    • Size

      7.4MB

    • MD5

      5adf52c6391180f98b80beaf83341a8d

    • SHA1

      fd7a36d88dbab6e4c2f105a428c70e6787038e49

    • SHA256

      ab5268c60129d2e996824459f1837505c828184d08843dee542dc1e9a90db70a

    • SHA512

      65fdbf087d52b260b5422fc9cfe110afee4d5ba2c07feed412749e57a6f56b64f6f5ee9ee369f58f1d739c7cc347bdc751c0233ed9a0d77a9af7313881fd18e2

    • SSDEEP

      196608:wmkUojXf0/4i4M22TFZODkbRudGPZsFL8:wmojdVM2WsDk/CA

    Score
    1/10
    behavioral1behavioral2

    • Target

      setup.exe

    • Size

      445.4MB

    • MD5

      b77fe22a340a87e451b4f5f062b7a1bc

    • SHA1

      5fd3aedfb1340a6a921d305778a639f32bf0793c

    • SHA256

      1b5f0b126d7116a817fcb25547f32af39c30daa28b29f1d489f1a67662da9c50

    • SHA512

      8e2e982530c414475f15dd76d7f7b79fced453f8a9145090241a3d21584786d11a4f62ff612752676a853901bb588a4e42d6f7d23b28f7fc7716b135ce9984c1

    • SSDEEP

      98304:GkLxL9c9WJPSHRzilwSzrgGZgffmfmpS4if/7eayQQ4y:xR9c9eqH9ilweGmfyS3fj/O

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral3behavioral4

    • Target

      setupapi.dll

    • Size

      4.5MB

    • MD5

      a2d16ec8a9c7e90bb39869372b482aff

    • SHA1

      559944e259019493f3b7a68ee9d3d80efe3be0c6

    • SHA256

      6f898b40fb49d1ae7f4bdb737ebd891c7019575f6700a63ea14d7bad4cf609ff

    • SHA512

      b9ec3cddf5aa76ee8f9ea3c18ab66b8bf8dd860440eb791995b9f86aeadcbf5ab1b9e5e1cdb58d29a6ecc02212bce64201c1657f11f0acbe01cf73be6e7de0ea

    • SSDEEP

      49152:lJZ7dS3oCGBDDkPOpxATxM40gaY/TQ3SDJ2oGW8IdctHle7M4HP1YUKIT+NuXVRJ:ljtfnATxBBU3SDJpTOuXVRWxS5F

    Score
    1/10
    behavioral5behavioral6

    • Target

      verifier.dll

    • Size

      386KB

    • MD5

      adf0f2f7ab69b71e73895fd23949b318

    • SHA1

      ffd20ff94c647d49513d0abb24415e3d72c6babf

    • SHA256

      c1228eb181ac5fc2b6f8404404d6c5e04d78d7c85c4502d1453ead4616f21a28

    • SHA512

      38424bb115151a47babd7a19e0fd48cc208609bfbf57b63430eaa1cd1aaca08247ae88de056c244bda172e648359d8fc3de98d0d379b3c4b0f34db4567d35b4d

    • SSDEEP

      3072:40j7r+nepRUtySYKWxZRjPYas35zrdbqK4n3tZXUi928Fh5wYFQxV3Zsd8TUnIXT:Bv62RyySYFZFgaSN9Q9ZXUgh5VMnL

    Score
    1/10
    behavioral7behavioral8

    • Target

      version.dll

    • Size

      30KB

    • MD5

      17c1e1099b65051bb6dec71fea37315b

    • SHA1

      8ed26469afbd53da7749ef9c6ab8c7f010e9bb1e

    • SHA256

      e549d528fee40208df2dd911c2d96b29d02df7bef9b30c93285f4a2f3e1ad5b0

    • SHA512

      e5274c47786f14c4275307c80d0eca48797267d32b069aed30993e571ead0289652e1254bd2ecabef3b2bc2039504e156ed2eae9c2c280b31034fa457a32ea79

    • SSDEEP

      768:FrAO9YmckVPxIiTAqMwwyg2ulzxAfv5r6wD1Pe3pU:FrnYmckVPxIiTAqMwm2ulzxAfv1Pe6

    Score
    3/10
    behavioral10behavioral9

    • Target

      vulkan.dll

    • Size

      1.0MB

    • MD5

      5fddc0a11a3a43d22cc26006db783a87

    • SHA1

      0e4213ca22dc85d6868c5b737b1ad2fafc9f3abf

    • SHA256

      c918b34d6dcd9d3681655cd5b10b4b4a774a80979e8223e684340c1750568a9a

    • SHA512

      06946507433f48fef41c09935276454f7aa50eafe15cbfcbf70822c96b765fc2e45d6d54801e8dfe0c418f46e3c0db8687dd46c1b1e122a5390c0c8fab46d1c5

    • SSDEEP

      12288:ATI+smXpgdOm3z9g8azb7isdBrkByASSqmgbozFD:AL7cxg8ujrkQAPqm+GD

    Score
    3/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v6

Tasks