General

  • Target

    TGX_V5_-_V1.0.0.zip

  • Size

    10.3MB

  • Sample

    230609-cxwg5sbd4t

  • MD5

    ab82f0042fd2589f06622d8d2637724b

  • SHA1

    e97b7b15f29e8c0ddb8e6d7ca00b2eafb317ecc9

  • SHA256

    56334550353b03c47980eabb2ba52487b2b542f747c6da5d75b2bf4087e19b3b

  • SHA512

    8f7f9a26fdfe7e8cd1f68aff8f392dbfec13d93c3e490f210d587d6167406c5efacf2c1ad4d105b0c2e777c043ef5f1943c449ba2723c3657a9d4c34144432e7

  • SSDEEP

    196608:LxNe1S84xLj/8IeVGyZEHR4JcuPqJHjXQMODlQxnOCmVe03WV4uH/oyJmzpeNeE9:L7QV4J/8eyYXuiJH0MG0aAQWGmvU4NeU

  • Score

    9/10

Targets

    • Target

      TGX V5 - V1.0.0/DiscordRPC.dll

    • Size

      289KB

    • MD5

      a1c35901ad26a30c5b7836771b6badff

    • SHA1

      94a57cd3452a53c209323a1ce738b9f0fb0d6087

    • SHA256

      517240600b04d454cc5ab7b03e43c4af5a0b831fd2515f25c015a83652ad4cac

    • SHA512

      0af73788858e85df874cc232f5d31765648ffbf53d7fdf388fc1b619f44b9ca172c3ac92c983cbeec5d22b6692cd7d3f20734c8e759fe9cf53ac2671d9c1d5e4

    • SSDEEP

      6144:iiLsvWG766dSiKXs2Ol2JWzh0TWxwpeqN55I8pF+WVe2KN6nB/F:iiLmW8daXs2dWzx5M5I8P+WM2a6tF

    • Score

      3/10

    • Target

      TGX V5 - V1.0.0/ICSharpCode.AvalonEdit.dll

    • Size

      605KB

    • MD5

      8f36b03d547fb3e0f9654d4f3074b89f

    • SHA1

      efa7dc54a626c20cbaec3b19b517a2ab64ac6e63

    • SHA256

      941d014ff2689248704b92e4de92bc7a6015a4fcd31dec426ef2d727acc04231

    • SHA512

      27c3020357d19a1498fff8c70d86e501b2b691a179fcf82d4590f371df6130157e7a88c97d5d22c9dcebd4d94af54d2aff90bb12589b88e6b65f3f50e9067509

    • SSDEEP

      6144:kiYcovb1WrZKNhU7nMjaR6dmnItzdSdoO+MSHMb5RKs8rvD288LPnM+k3XjXAUiW:kPcovbRon6cSEKvrvS88Lf1ltm

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Newtonsoft.Json.dll

    • Size

      685KB

    • MD5

      081d9558bbb7adce142da153b2d5577a

    • SHA1

      7d0ad03fbda1c24f883116b940717e596073ae96

    • SHA256

      b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3

    • SHA512

      2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511

    • SSDEEP

      12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/Aimbot 3.0.txt

    • Size

      98KB

    • MD5

      a026af0c23f83d6ec3ee17a4453c7dcf

    • SHA1

      e707b0ebf1eac194e90c70767ee29a1c37e1a4a2

    • SHA256

      81fe4c1f8cbcf06e43a347fd8c39ceef960995031ae71db385c28636dfce3ec8

    • SHA512

      9817501504aa1b4777f8d0b10c9776d224e0aa38e9ca91a6c80d472d5b5ceafac2e507c335a2bd9959073d74912825e1361bae699404b8c3bcdd9306b85c1b79

    • SSDEEP

      1536:3N+t5Lq6w48qJ4UJe6wyG9EeG251GX/J3GC1Zqn+MVpx2RnB:kt5L0UJe6wyG9EeG251GX/J3GC1ciVB

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/Aimbot.txt

    • Size

      30KB

    • MD5

      3ea5f844c18f550a3db09193c56594e8

    • SHA1

      389968ae4228908180ba68ecfab2ddfabeb0966b

    • SHA256

      d33d3205288b776d977ad0047647bc8d40b83bc7d4f190f86f1011c8b417e983

    • SHA512

      8af81e52e74950a1961ad004400140386b0ad3d49d64e9617ad12d4550a4b1699eddf8e79849a32cdbdad034f25ee535430de9bef0513758e48b29a54d52b440

    • SSDEEP

      768:DW6T+ELiUI29j8vVwP8UkSVDYtDkYNighmLlmyEDKtpWpJ7xwrs5SwG1NBbp0Bwh:iYTEK0y

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/CC Aimbot.txt

    • Size

      23KB

    • MD5

      3ab630b89a082862b82b552185ea4f84

    • SHA1

      703658e38cb131e6e53491f437a2e7e80a19ba82

    • SHA256

      54cba20aa0213ce83ed348763db0b17a55e4f39fbeae2ef0535ccf76b95bf622

    • SHA512

      9c290dd73db4425643f52f5f72c9c4d55666071141f3efd696e4b757b46ebf9fc6bb964ed61f3d9e3ddcbdf4073850041a43b9df6dbf50fcace9382d875fe77b

    • SSDEEP

      384:vP89lT07hqwp4EfExaDMluPQhKj8NTtXNKCkqJKcGfOtCZukLQKfb/eo5H+mYxsa:vP8XT07hqwp4EfExaDMluPQhKj8NTtXR

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/Dex Explorer v2.txt

    • Size

      632KB

    • MD5

      317fec7c823a6ba4ad613220b587a0e8

    • SHA1

      3884e8a9a9122e7912c76c919f20c1b9d274f505

    • SHA256

      5573cc6f439511c5ec73b0c88af87bce49cac37475aa32da5b75b931f632a3dc

    • SHA512

      d5adc2137051ab321197d0a2261ab991f5bf16e0271485c64b66679d863efb58191fe269fc40aa39feefd380b28d33168a6910b7ec40dedd2974e6d1d2db0bad

    • SSDEEP

      12288:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOCBkVgfgLcbVgBe28Vk9Gm1OvClEjmD1Szi:fyXiPr7Gja8LsZuN6nQRXONQDKZsjOC0

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/Dex Explorer.txt

    • Size

      2KB

    • MD5

      2653a7d92c77ce2269e5d83f9276df81

    • SHA1

      dc7789afa8887e2a2e3bf1146c2636ade1f50ec3

    • SHA256

      9e7179b6dfc1ad3a0bd5182290bb335ccf3fd51ecfa7740b8271814a9a564f5d

    • SHA512

      f025b189a5d31fceefb9cec270640b1f63552500657704833b68cd7820bb1c98abc33c8c2976d09b927ecfb2ac30f22c6b51da89d8c186093fc10fdc28d177c2

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/Mad City 2.txt

    • Size

      266KB

    • MD5

      1f2e26cfc004bdc2f2de0679c8ff2568

    • SHA1

      82f610d4b99fd08b52ffdd7d23b9f036bdcf27ba

    • SHA256

      629a0b979031a8b94d19e55cc1974c1361b491b005ca6b2f849265c5812b39f4

    • SHA512

      155fd7696881f01e401028f39e123a3023d5f84dab1a41c8b0440587b00aa8d4bab6654414c6e5a49ffae69734cbf2f0dac68cb1106a717e4216c69ef762103b

    • SSDEEP

      3072:VS2T6iABa4FZmn//HRR4OhRUU8EdPpES4xFdbIy91oH34O91N8sh/:VVTPzYZmnnoOLUzEdR34xFdbIUoXJisB

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/Scripts/TopKek V3.txt

    • Size

      81KB

    • MD5

      9e488b83078daf39e6f15f90c8d689cf

    • SHA1

      8602a9d4ecb5c4ea52f096e60b72607731c62277

    • SHA256

      c40fe38b134a8484794b773a363377ec8b37ed8bb5b5c88e182f4f7acc60b4c8

    • SHA512

      a86b60e792572ecc512ffad6eab8c271da206fe108d03c9c0156b5eea7a889c61943e88480a14f51ca787c79d084bc099cd3b01e7b5569e6149b3b079a45839a

    • SSDEEP

      768:l9dGinWaivTGFMoN6x94g+SnITXinAUJj0WFtdefC3ELZ7KhJDr0RzKokMy23ckW:Y3sr7b8W2PSh0gpNtiVtB

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/System.Management.Automation.dll

    • Size

      352KB

    • MD5

      835e9ede7e7c774e7a2d56cfdf6e9b17

    • SHA1

      a43ed886b68c6ee913da85df9ad2064f1d81c470

    • SHA256

      c3a5868584a777422cebcf31d6718fd2b26d5e2314d3b5ba6d8e47aa40faba0c

    • SHA512

      74284fd44497beb74326d11a0f63d96aff20aa44cfa8385f6b63b7e6743403c36e2ea4fb0d991767117a97d320e04d2b21f0a4730916244af4ffdaf51e834a26

    • SSDEEP

      3072:d/SDqTIE+QQVVBCTmAG17iT+Lt8D/1L2iLZdrs81sDotEKjRmarzRm+5gSBZqoEJ:d/PXS6WK2iLZdgotEKj9rzRmkgSBAot

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/TGX.exe

    • Size

      1.3MB

    • MD5

      678c8653640dd0f9d19e278674472d54

    • SHA1

      4a331b40f175cb0d9fc460e7cf9fd5783048551d

    • SHA256

      6fba7d910817ad1807a538e6a544c5fe2d16e39017ba40ad7c63beaa75f65cc0

    • SHA512

      06c5ae89aa5e5538198625f1532b5359b9f2f15d970e3f73869bf770fd50fac862727c658f16ea10d1f6267e7ab9eb9c1a091ff942a385c31d071c24f473b347

    • SSDEEP

      12288:zflguQwxRJ1cJ3DgRaSelVJDp2f7K33nQ3gwp/nhyE:zflgwRJ0iaSebJw63QR

    • Score

      8/10

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      TGX V5 - V1.0.0/Zeus.dll

    • Size

      8.4MB

    • MD5

      22f99cb448ada143921ab3570a60e1e7

    • SHA1

      f2c7918fe51ff8cad84f3b51b3f1d97075249cd2

    • SHA256

      ad8bff1ef7d3c0ff6c67c32f98401158e3875019d6b7355777ab2baf82ddc512

    • SHA512

      b53824bde25b3b0fb4a1b7e5587b21e7cd719724d3e5a249bb673221f1272845d11207ab185ce1b43c45f86806ed7c901bc86a7054e0700eca995edfa27cccb2

    • SSDEEP

      196608:7bVIQVUJ1OGfQosgxIgaa8JSk8JdNU7fWYMGZ1zJ6Ga:7OQcOGf/Yjark8JdNWWYFh1a

    • Score

      9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      TGX V5 - V1.0.0/bin/Zeus.exe

    • Size

      8KB

    • MD5

      0e748258bdff15e851a83bd6f8f0344f

    • SHA1

      21a019e8fade24187c4ce31115a9dc038dd2be3a

    • SHA256

      c12319d8eb3d4b085601c0fe3ad5ca7b51766898cfe1fd62e9d11fd0e4bf8dc4

    • SHA512

      e0372d5cd1e9c4e8e5c2f97ae14ea503a2d9e1fbe91bc56aaf2df2efa8c5c16e366fd7a05e5e0bd20480c6ea3cc9658160b796d242254824da95453602fd9414

    • SSDEEP

      96:9XemmFrmDP0eUaEuiTnY9Ep7cxr5LF3PFFqhz4YKJujFzNt:gSDP0etEu6Y9wcxrHChz4xa/

    • Score

      1/10

    • Target

      TGX V5 - V1.0.0/bin/lua.xshd

    • Size

      3KB

    • MD5

      ae551f74a59ad5d9009b5ccdf9d85fe3

    • SHA1

      f42b8bbc35ec476d62a41e3cc3be6769fcfdac39

    • SHA256

      01a7e671abd3181a6540ca44a98a01bf70cb35d92db586f8dd9d527c9c2e8b87

    • SHA512

      645c50b90782015bec666db41bd5998f8ab615267387b7f6e358239bf362463f54aa7ae3e307f713f8724a0e2598e2b0567fb797052d837e9f1a22e22fdf32b0

    • Score

      1/10
