General
-
Target
pc-creator-pro-v2.3.2-mod...apk
-
Size
129.7MB
-
Sample
230630-q44nzseb5w
-
MD5
944581967675a53eed45db2f199a2e50
-
SHA1
5e657ff8e75dc4cbe5f7b3b1cc26898b14e4bf88
-
SHA256
822f1a68300dce01b89812fdfe8976c355e6fcf40c89d654c0b48602b72b0ede
-
SHA512
15a99d91b90cda9b73b80c22b1ec15ccf6f85ada38f1c2751d80f2d3ad103795fd7261ca4fa2d7aca5d6cb6c540dfcdacc0c5a344096215c671f6025f0aff32d
-
SSDEEP
3145728:b664Mk9CiIBi7pI+g2V8J6Cu2lsCk+mahdY8QZ:/Bkfoi7p526Cu2yCnTxQZ
Static task
static1
Behavioral task
behavioral1
Sample
pc-creator-pro-v2.3.2-mod...apk
Resource
android-x86-arm-20230621-en
Behavioral task
behavioral2
Sample
DefaultWsdlHelpGenerator.js
Resource
win7-20230621-en
Behavioral task
behavioral3
Sample
DefaultWsdlHelpGenerator.js
Resource
win10v2004-20230621-en
Behavioral task
behavioral4
Sample
config.bin.jpg
Resource
win7-20230621-en
Behavioral task
behavioral5
Sample
config.bin.jpg
Resource
win10v2004-20230621-en
Behavioral task
behavioral6
Sample
machine.xml
Resource
win7-20230621-en
Behavioral task
behavioral7
Sample
machine.xml
Resource
win10v2004-20230621-en
Behavioral task
behavioral8
Sample
settings.xml
Resource
win7-20230621-en
Behavioral task
behavioral9
Sample
settings.xml
Resource
win10v2004-20230621-en
Behavioral task
behavioral10
Sample
web.xml
Resource
win7-20230621-en
Behavioral task
behavioral11
Sample
web.xml
Resource
win10v2004-20230621-en
Malware Config
Targets
-
-
Target
pc-creator-pro-v2.3.2-mod...apk
Score 9/10
Renames multiple (62) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (70) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
-
-
Target
DefaultWsdlHelpGenerator.aspx
-
Size
59KB
-
MD5
f7be9f1841ff92f9d4040aed832e0c79
-
SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae
-
SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
-
SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
-
SSDEEP
768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score 1/10
-
-
Target
config.bin.bytes
-
Size
256KB
-
MD5
5d07d3bef9bf58abd51d987018cce106
-
SHA1
8d61e741d861d33a61d5637121f1ca380929ead1
-
SHA256
23feecddeb185d7b375378d3574132c2d0616d53f4a315887bcb4b5e7e9e13fa
-
SHA512
0b67bb66fe1d7ac133c14c64d832c3e8536f34ba797d1988915514d0e18731c09b13117142ef533783b69289c6e8a03ec7dc51dd97776f3b1cf0fa6e1d6ce08d
-
SSDEEP
6144:z8ewJTY2BRG5lqARO4qRJta8C24k1GuJ9329tRTPepjNRJ3rA9CnQAck:wz3RwOtrfCSN9Et6NRJs9Sck
Score 3/10
-
-
Target
machine.config
-
Size
33KB
-
MD5
0869544722561f5aff0eefc83fc7b001
-
SHA1
1e118f4b5c1c6a7b1858e3fccb1b1d1095561976
-
SHA256
ef9b9387168fd1dd6c996f96c134d9c44f8eb06f9587004bf997252a520182d6
-
SHA512
ced7c9a5363cabdb87b01ed6b4ca190a690640dddf5cbcc0438acdc611a8ee942cb6cd73c78d3fc2d59f70171f22ac832a10b1e23758dc92599ee24acd978ac2
-
SSDEEP
384:PbtltttttSRtNRtcRtGrRtSRtTf5Rt70zDgRt2Rtuj4f1RDRty6ugyunHMSeuWuh:dkn
Score 1/10
-
-
Target
settings.map
-
Size
2KB
-
MD5
ba17ade8a8e3ee221377534c8136f617
-
SHA1
8e17e2aec423a8e6fb43e8cbe6215040217bb8a3
-
SHA256
ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8
-
SHA512
c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297
Score 1/10
-
-
Target
web.config
-
Size
18KB
-
MD5
08101241b15b53ef0ab908f6d388881f
-
SHA1
ea3e2ad6d71d483c54b12852dcbdcd0baa569988
-
SHA256
15a2c7a9242bf54d3ccb3e07fa6d8f84ba8b303d8877243787a1103009941bdb
-
SHA512
a1ee7f17bb069ac42483d1f98ca839ff1bd06f3fc15cd379dff4aca3732a5dac24dc17e15acc8f8fa39e60e186219f4fd70664f9ea284002274a4ff8609791ed
-
SSDEEP
384:lJJuAr8F1mJ1ayCk5+HK5YaW41DBWTwa6st/tlLvSqwwU4FVXaS7L3nHIXYFXc//:jbpJi91Xbi
Score 5/10
Drops file in System32 directory
-