General

  • Target

    Instagram_Brute_Checker_By_Draingrom.rar

  • Size

    4.1MB

  • Sample

    230520-t4hnasdd94

  • MD5

    e779769b4bc3ff94260ff3a42c25cf54

  • SHA1

    57a049c4e4f1076be35896b478cc7670a411da73

  • SHA256

    c779fa7b253a7546cd6d8e2558f749286aa1fa6ab28b2350a9af5878a26026a9

  • SHA512

    88fd6d6071c0b9c22afba30b7ffcb124a65c6e5f5b5d9029612ee539276abe9c5a936a8d22e4052f60e7557a4a9135c4379616fd9b29272582746d50438ebf0a

  • SSDEEP

    98304:esoB0pM9N/GwyJMn7tw4M9N/LfbGyEFFk9KAucRW+HB9bpZ5m4OJlBhWb0:BoBt9N/OJS5g9N//ELk9KAucVBPDm4O7

Score
7/10

Targets

    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/Instagram Brute.exe

    • Size

      436KB

    • MD5

      764712e3d75b5d1f4a061796002a7140

    • SHA1

      084aee5530c2a2e62aa4e80e4ac2da622ac19b10

    • SHA256

      136e19176bc750affe730700df1fd336def1089abc25b224f11b99bc357058c2

    • SHA512

      e269793978b9e4cfe510cd444c9447282d948d63469732d36486f37d35263b4ea2d5cbf2dcd70e3ae51b1c96c1443051bd6e9f95a90f1921acfec2e33fd9d3e6

    • SSDEEP

      3072:o4l69tNNP2wk35viVEUFg8zfHNkc3tWS8cRvLJo9qlhh+lhq:o66D3q35viVBtR5dz8cRv9o9q3h+lh

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/Setting.dll

    • Size

      86B

    • MD5

      63a6be7c83ede206498d3c30be21a1fa

    • SHA1

      c93e1f31429667d711bb42496d59b60bd93a99a1

    • SHA256

      abb35df208d26df4caa449d104e7eb31efd263f1940a901afff78658d3e3587a

    • SHA512

      8a58a0126f60a975b159fa759752a8f9db3f78406259bcee7999b83fbc3be3fbfffdf7caf2eed2ad9983e1069fd27095e8618a441acb9310d54aed44ea381fe1

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/Virus Total/scan.txt

    • Size

      109B

    • MD5

      2e99fbaf1ad4f921ebe1ba0adb710c25

    • SHA1

      6335db361e4666581ca3fd9d594ab1827dba734c

    • SHA256

      f2f02c614c4a88b423ad0a404f7f5e7c1d33c5445e75f3d6f651ae6e791cdd57

    • SHA512

      ac7ccfcc0fd077218cfc8130d587ef03f2e2ca539b052e1f8c224f46a000884b1da1c7daa43600f767b8f3c4da545e0a3832f75caa771022281dbf75ef1ea175

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/libeay32.dll

    • Size

      988KB

    • MD5

      177bda0c92482dfa2c162a3750932b9c

    • SHA1

      cb3b8a465fb55e9e0b4bb5a3298a481557a799d5

    • SHA256

      17a4b75ef43a4fdeedaef86c39bead6719144e3e368b55898b79ecb371012854

    • SHA512

      d6900cbcd53d2993ea639e70fe7d0b29595153c4ef54eb9c4a264c22963ca64d551dd633ce1c5d657bd371ddeebcff00419d50a13e423d44f25c8ac9f8ccf3d0

    • SSDEEP

      12288:baTkV9YfAjvnC+pcU0MfHJQXA7WpVn2UNKQbox5b6j6iHk:bOBcnJpcTMve5pV9sQbsejrHk

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/msvcr71.dll

    • Size

      340KB

    • MD5

      86f1895ae8c5e8b17d99ece768a70732

    • SHA1

      d5502a1d00787d68f548ddeebbde1eca5e2b38ca

    • SHA256

      8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe

    • SHA512

      3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da

    • SSDEEP

      6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E

    Score
    3/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/Ionic.Zip.dll

    • Size

      480KB

    • MD5

      f6933bf7cee0fd6c80cdf207ff15a523

    • SHA1

      039eeb1169e1defe387c7d4ca4021bce9d11786d

    • SHA256

      17bb0c9be45289a2be56a5f5a68ec9891d7792b886e0054bc86d57fe84d01c89

    • SHA512

      88675512daa41e17ce4daf6ca764ccb17cd9633a7c2b7545875089cae60f6918909a947f3b1692d16ec5fa209e18e84bc0ff3594f72c3e677a6cca9f3a70b8d6

    • SSDEEP

      6144:OhagC/Mq25o9sXGtSV41OJDsTDDVUMle6ZjxLV/kHu4Bht79I9:iagxWS4msNUCe65fkHdBf9

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/LICENCE.dat

    • Size

      75KB

    • MD5

      32406b2e63d925e97d2a1f31fcd5b426

    • SHA1

      c4c6b64bfb666ce5215e40ee98ef04f7a74bff2d

    • SHA256

      f964afe7cf10801f5f74f2d9ebfedba289c63821be5bb110911e325e81487950

    • SHA512

      1e13c631defb96d1aecb37e38d67b5e431ccd24d3839f465543c922ea8ef7bddb98c15a55165c686bcca9ca2e291c41ff4fba898b37ae950f748633e251f5fa1

    • SSDEEP

      1536:42E/TpWLelzMTUQZmlIrNdHcZeeZSu2bWcEwAHtuWPcDKa7m:fEoLelITUQGIMZgSfTHtuH7m

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/Launcher.exe

    • Size

      53KB

    • MD5

      c6d4c881112022eb30725978ecd7c6ec

    • SHA1

      ba4f96dc374195d873b3eebdb28b633d9a1c5bf5

    • SHA256

      0d87b9b141a592711c52e7409ec64de3ab296cddc890be761d9af57cea381b32

    • SHA512

      3bece10b65dfda69b6defbf50d067a59d1cd1db403547fdf28a4cbc87c4985a4636acfcff8300bd77fb91f2693084634d940a91517c33b5425258835ab990981

    • SSDEEP

      768:FKtnBTTQi/YqMFlVt52ftDhKeoNzZq8OujxUu5XEAb4b9yvMzUV5:qBTUgYFveDRuFEAb4b99QV5

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application

    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/Setting.dll

    • Size

      86B

    • MD5

      63a6be7c83ede206498d3c30be21a1fa

    • SHA1

      c93e1f31429667d711bb42496d59b60bd93a99a1

    • SHA256

      abb35df208d26df4caa449d104e7eb31efd263f1940a901afff78658d3e3587a

    • SHA512

      8a58a0126f60a975b159fa759752a8f9db3f78406259bcee7999b83fbc3be3fbfffdf7caf2eed2ad9983e1069fd27095e8618a441acb9310d54aed44ea381fe1

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/libeay32.dll

    • Size

      988KB

    • MD5

      177bda0c92482dfa2c162a3750932b9c

    • SHA1

      cb3b8a465fb55e9e0b4bb5a3298a481557a799d5

    • SHA256

      17a4b75ef43a4fdeedaef86c39bead6719144e3e368b55898b79ecb371012854

    • SHA512

      d6900cbcd53d2993ea639e70fe7d0b29595153c4ef54eb9c4a264c22963ca64d551dd633ce1c5d657bd371ddeebcff00419d50a13e423d44f25c8ac9f8ccf3d0

    • SSDEEP

      12288:baTkV9YfAjvnC+pcU0MfHJQXA7WpVn2UNKQbox5b6j6iHk:bOBcnJpcTMve5pV9sQbsejrHk

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/msvcr71.dll

    • Size

      340KB

    • MD5

      86f1895ae8c5e8b17d99ece768a70732

    • SHA1

      d5502a1d00787d68f548ddeebbde1eca5e2b38ca

    • SHA256

      8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe

    • SHA512

      3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da

    • SSDEEP

      6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E

    Score
    3/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/ssleay32.dll

    • Size

      192KB

    • MD5

      5023f4c4aaaa1b6e9d992d6bbdcd340b

    • SHA1

      2165b4a8089a7c00dc586c983e8548653a4e0ce4

    • SHA256

      59b1be1072dd4aca5ddcf9b66d5df8bec327b4891925ba2339fe6ac6a1bf6d19

    • SHA512

      c2885d8a8daac7ff83991dd81c6b2993c874081ea8877511aedd61e31829b26d33d8d9e433c7c72dd79d4cdf5d2a6e484b980117549770df1d2f2f522f8a0758

    • SSDEEP

      3072:whsCnSceRcwwWbLhF8KzwtF1TKXpE2y5jfFKRz+AAWeZJHR7u9Ea3Q0du1f:5TRVwWblFrzw31TKRatKVjqJHW3/d

    Score
    1/10
    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/settings/xmt.exe

    • Size

      2.6MB

    • MD5

      739f50d778d3dc9a39bff9a75591a4ed

    • SHA1

      813d724b74b4f473ab585656b53ac5f52cab0416

    • SHA256

      72b00bca2ad9591351e276b81bbe93f0446cdf68cc7cf357135ea7c8a6b11959

    • SHA512

      6b1ba28679cb7ee3c9c44c757a58debf070a77a8947859bd5076ae22d745054e75e7b992ac0c01086c87027ad4bd65582957376df3d4dbbcdda3fc6a9085e85c

    • SSDEEP

      49152:iRL7D2ejOaUDO3mdfcHYbAvcWMz4nCuX3iGaf9ibKV0QtNKb4L/fNljZ:m31jeRC84V6Uw0yLXNN

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      Instagram Brute Checker By Draingrom/Instagram Brute Checker By Draingrom/ssleay32.dll

    • Size

      192KB

    • MD5

      5023f4c4aaaa1b6e9d992d6bbdcd340b

    • SHA1

      2165b4a8089a7c00dc586c983e8548653a4e0ce4

    • SHA256

      59b1be1072dd4aca5ddcf9b66d5df8bec327b4891925ba2339fe6ac6a1bf6d19

    • SHA512

      c2885d8a8daac7ff83991dd81c6b2993c874081ea8877511aedd61e31829b26d33d8d9e433c7c72dd79d4cdf5d2a6e484b980117549770df1d2f2f522f8a0758

    • SSDEEP

      3072:whsCnSceRcwwWbLhF8KzwtF1TKXpE2y5jfFKRz+AAWeZJHR7u9Ea3Q0du1f:5TRVwWblFrzw31TKRatKVjqJHW3/d

    Score
    1/10
