Overview score: 8
Static score: 1

| Sample | windows7-x64 | windows10-2004-x64 |
|---|---|---|
| Autorun.inf | 1 | 1 |
| Setup.bmp | 3 | 7 |
| Setup.exe | 8 | 8 |
| Silent_Install.bat | 8 | 8 |
| blutooth_on.ico | 3 | 3 |
| setup.ini | 1 | 1 |
| x32/setup.exe | 8 | 8 |
| x64/setup.exe | 8 | 8 |

General
Target: csr-bluetooth-4.0-driver.zip
Size: 407.4MB
Sample: 230512-r5n6csde34
MD5: 2c6a2908295c80fb516d802d373b8f76
SHA1: e2df72e76a7e8f7b936a7c76ef4c6460e763d2ae
SHA256: 51d03aad9e9f8ef2282daa338adc42d8ad0ae2ef67c09bfe384170901c869c36
SHA512: d73bb44eeca5958ddfed6768e863d4d7794735a60f11433b5efd8e485d80a5d2ad46152576654af696601e4ef3460cb630896f8ed015d8b1ef39099b5b559a4e
SSDEEP: 6291456:kErJCp7M6kYGrJzF1mDR4FFSMFJYokt1rXz+Du2bOxrjlp5TGi4h3D3H1hzBeO5A:k4opw5CREKtjSWl3CiQzf4I8
Static task: static1

| Behavioral task | Sample | Resource |
|---|---|---|
| behavioral1 | Autorun.inf | win7-20230220-en |
| behavioral2 | Autorun.inf | win10v2004-20230220-en |
| behavioral3 | Setup.bmp | win7-20230220-en |
| behavioral4 | Setup.bmp | win10v2004-20230220-en |
| behavioral5 | Setup.exe | win7-20230220-en |
| behavioral6 | Setup.exe | win10v2004-20230220-en |
| behavioral7 | Silent_Install.bat | win7-20230220-en |
| behavioral8 | Silent_Install.bat | win10v2004-20230220-en |
| behavioral9 | blutooth_on.ico | win7-20230220-en |
| behavioral10 | blutooth_on.ico | win10v2004-20230221-en |
| behavioral11 | setup.ini | win7-20230220-en |
| behavioral12 | setup.ini | win10v2004-20230220-en |
| behavioral13 | x32/setup.exe | win7-20230220-en |
| behavioral14 | x32/setup.exe | win10v2004-20230220-en |
| behavioral15 | x64/setup.exe | win7-20230220-en |
| behavioral16 | x64/setup.exe | win10v2004-20230220-en |

Malware Config
Targets

Target: Autorun.inf
Size: 57B
MD5: 73130d708da8f3af1c6ddaf642e945cd
SHA1: 1d3d93aecba8dbbe218b2108c82023af0a9926bd
SHA256: c4ec195fbb0439ed338bb8d9925af50e49de1b29dcb72135df7f1800db3d195e
SHA512: 2e313dc001fe4c9dfcededef92ab3e1f2168f9c002ef8a0ec956aa01271bfd62fe26ef3f61aeeb05b31f774cb888c26cb0443a6fd344c8316b9337ebb2feb661
Score: 1/10

Target: Setup.bmp
Size: 777KB
MD5: 368f0a916240898cc18d8291643b454a
SHA1: a7875dbf874e953e7b57e3818f924721d24bd4c9
SHA256: 1d6478f6da9de299e694bc76a460bfc143b8ceadf2ae1c2eab8531b48f431c06
SHA512: 6679a89a00def240c867252a6685ad57e0d05e5ea257dd311ad40e1ef51ee100f7d69836e2cfc6cf2fa69d43ed6a0f514e67298b9e0b3be3786d0130d40ef8c4
SSDEEP: 3072:iABE+Glkx2zJVwXWpeXjTo4k/gIWLbj/Z2kl/pYQO2APb2syir20X0nrSt/k+31f:bS+GCeVwEeny/bWHTZYQ225ir29OsLJo
Score: 7/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.

Target: Setup.exe
Size: 92KB
MD5: 86475a2101208040be3dc425121c8ff8
SHA1: e9130507efd90353ebbdbaa89d961426b522866c
SHA256: 15181942b137b8c6d5f7e7f6dd8df88ccfc12b6e059f158c43c6b4a98f548b93
SHA512: a8fc80661d3707458a88001d6d7a5b33d28dbebe07244e86728f9b37a4f86f12e01192292d5444dca129fc39552fc82828b7102c659144d58264966562846c34
SSDEEP: 1536:hr3ml2LZmMp0mOZSIqixdOD0F/k/8PY9f:lmkLZwzaDu/k/8Ad
Score: 8/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: Silent_Install.bat
Size: 49B
MD5: d6baa7def6ceb42310d0acf8cd5afc25
SHA1: e2df58afc62ce98ae50ab0c7b9341e4c92b82b3a
SHA256: 5d449b3d34a65240274b540601adcecfe59c0071177273fe8e72614291166166
SHA512: 19d2e4cb8dd473d1bf13673c2be0104409c99ef0daa1d77690af9ade1a9496bf2bf070fe9a61db03c8d387ed738e1e369abceca21080033b29dac62fbe9f214d
Score: 8/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory

Target: blutooth_on.ico
Size: 361KB
MD5: b7ffda6bf1092ba87bf794b2b74a9e93
SHA1: 1729b8c58c755e1663cd994dd63d0d10bef8672d
SHA256: f5063ff5a72b51638fba116503dc7af314fc02fd4e4fa95d22856e236d431be3
SHA512: 4ac6401876ffe64ad7cf652371de95dede570c313bd4f826bea428f7976b178ad0ace02c6653a436a79689cb2f7b79f077a2c4195758a1bd32664bc21eb6d3cc
SSDEEP: 384:8FzvxNz+i8CRKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK4:tIG
Score: 3/10

Target: setup.ini
Size: 302B
MD5: 44528114f80723e903616cf5fae86e45
SHA1: 394443a8236df40a8a4a8c5f632016d15b2af7c3
SHA256: be5da73f36fb66e6854700176768ad3f83063c137237782b04f2d1f6513a1994
SHA512: ee36b50a5ed7847aa2fbe705bc2bb9209d40319450d9c5623167f52a8d5b49014b6dad9437bb883f3b905c3362bad759c97ab4c4ff618779d3607b3e57d141c6
Score: 1/10

Target: x32/setup.exe
Size: 189.8MB
MD5: da0bb7868fa68de62c1cfac34e8dd2bd
SHA1: 1f1496ea9f490161a1c2ee8839fdadb4a94b3725
SHA256: 539e20a7820d76833a884e46c180afe925eae26940860cf3be7706ace5419e88
SHA512: 708feba022827f0e3d5c7fc821dfd244ce75c35c95b8b7f140ca0ae5e07ef9af6a8e8c6f21e8169baae3e9ede4038f2300d4b482917111481236160be6e8737d
SSDEEP: 3145728:r0u49gTTDzlJOf/R1z67naI26pEftQOEUO9Qa5jlDD/lKJLomIP1xzE9I9tde7Kb:o+NJwbzgaIQO/lf/lKJLiNFEa9tcO8DS
Score: 8/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: x64/setup.exe
Size: 218.8MB
MD5: cae7653e477e1bca78905f3ec9ab91e8
SHA1: 59c9180f83a6a2f7b7a0292d0392b3040b75e73f
SHA256: 188ac68766be38240fa9572209885a37f10aab5868c0d6661f59feadf35a4f09
SHA512: 1fc6bf604a2feaea90e6fb13f433b312bf8080065275a56afd5727ceb5e168663b080660048c8ba8c49bd6794e3c859cf3836c0a30e8cf73aad6598c5f763d55
SSDEEP: 3145728:K0nR2fs6Lt+8a1w8ihpPnZztqSI8mb90OlXt92wZvJ+KGtwlW9YM6Bgm/hag+:mfs6LUd1ghpNtqSwLhTZZhPprM6vz+
Score: 8/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.