Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

notepad++.exe

windows7-x64

1

notepad++.exe

windows10-2004-x64

1

plugins/Co...st.dll

windows7-x64

1

plugins/Co...st.dll

windows10-2004-x64

1

plugins/Np...er.dll

windows7-x64

1

plugins/Np...er.dll

windows10-2004-x64

1

plugins/Np...rt.dll

windows7-x64

1

plugins/Np...rt.dll

windows10-2004-x64

1

plugins/mi...ls.dll

windows7-x64

1

plugins/mi...ls.dll

windows10-2004-x64

1

updater/GUP.exe

windows7-x64

8

updater/GUP.exe

windows10-2004-x64

8

updater/libcurl.dll

windows7-x64

3

updater/libcurl.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    npp.8.5.3.portable.x64.zip

  • Size

    5.5MB

  • Sample

    230713-2453lacd5v

  • MD5

    996aa845e7619370bc6220ac6f6c206a

  • SHA1

    89437d9433de46a35629a647fc1c6851b2fd3d1f

  • SHA256

    e3dcd71e32b11ca32c66e5187c2d4191401f885afbe068163ad8b054da362de3

  • SHA512

    f105c836e84442567dcd6700b8052e65b0926b92a04ef23b347c18b6d89450f36c7656563755b7d9c295d0e56b3a00f4f6dcea6f64852c42e9b7c5a8754eed30

  • SSDEEP

    98304:p+HSo/V5pLdJ8q6BjcrLQ4iSHXuXdhAZoYo+a0KV4oBAF9Z1FfE0sbTDxUbGF1IN:pKr/tLCjWHiSsiZo88BAF71FKv1rqohu

Score
8/10

Malware Config

Targets

    • Target

      notepad++.exe

    • Size

      6.6MB

    • MD5

      b7e5e966ebb9c302155d6b6e0da21721

    • SHA1

      eca5ea2f815c856c22f8a9ba4c2c4c0713daded0

    • SHA256

      31ac7d30e550eee5f28e1a04f1e7e9346ba91849b27f24c700f098654c054a8b

    • SHA512

      8f3b1fcbc446ba0ad31535c9e59e9f5a542309de8779b5b9e9e9a09bf89862a32483aecc01edbc35411b5792549227a375c05abc532ae4093200876fa6aeb031

    • SSDEEP

      49152:5d9VFXdEK1BPN2efc5bjaMOoDsKEj45gvV+/QFw935Gt4/fDT5dOotDVhJJao0gB:p26UcvVUDDxD2MdpU/KGHiLUiRt/moD

    Score
    1/10
    behavioral1behavioral2

    • Target

      plugins/Config/nppPluginList.dll

    • Size

      201KB

    • MD5

      f91536d6a16e461683f2a93502e90869

    • SHA1

      b8f5afff11a489c5cc97d00c849bb45f54565b75

    • SHA256

      669c9ffaab16c1c4ee71b33df016761516426b0afdbe14db94e1c265b3c2d8aa

    • SHA512

      0ca94677d5ec4be70e557e7b8ea2d4d1f0137a5a173b713cfd8cc9ab34f21a588390911c127f0f3b391bb7d748699f36309d97588ed3493faa5c3f0537e57895

    • SSDEEP

      3072:IuQtUEW4pggQikeV29r97Fo/rg4aSuhJFABT1+famyK14xH50i5MBRPxp:AtUr4/Dkq2FHI1gv263

    Score
    1/10
    behavioral3behavioral4

    • Target

      plugins/NppConverter/NppConverter.dll

    • Size

      181KB

    • MD5

      50a164f22b63ecb9dfffe4621ef2a4f6

    • SHA1

      0011d2efceaad9b937b9c09cbdbee07ba6bec8de

    • SHA256

      3d0a69daea9680dda5f9439950b795b204d8fcc0213142b8157730e9a92fe9ff

    • SHA512

      4d3674b2d677db7f7cea39a23f9436e61ca914f904f9d9ce7d6e8bdf6e6e3ad33dbad9ed0a49e59b959d711f1e6ca5fa1eff0beff80794eee3529b4dd149995d

    • SSDEEP

      3072:8xoczxsVHDAGKfKj2UWe/1btth0vCxMhX8cCLFKPjxy9:8xoPVkGKSjFVrhbMwLl9

    Score
    1/10
    behavioral5behavioral6

    • Target

      plugins/NppExport/NppExport.dll

    • Size

      153KB

    • MD5

      d21ed63e4ff2184f710b71e3019ea855

    • SHA1

      a8971d8126664c20c36dc1ec470a76aa5dad2a2f

    • SHA256

      55ee36a43ede690e0ea781a70a6588664e952c2c0bdd4b0e91f50876f7bc4144

    • SHA512

      0cfb0ab7ba240c5caabf376ccff052730494b84ca419142572612b2cb72b7e54531d78a972e0e9843c7d65427784e4bb602e393c73de8381047c1f392f600f36

    • SSDEEP

      3072:jHWvf4whXRxCtyAKfbn52zwjMdsI54tWfdHak6y42xB:zWYwtRxCYAKfb5uwodsIjd6k60

    Score
    1/10
    behavioral7behavioral8

    • Target

      plugins/mimeTools/mimeTools.dll

    • Size

      132KB

    • MD5

      23148536f685672405e2762aa763fefd

    • SHA1

      d85df44159972e1827036b30ca1d0ef294803cbe

    • SHA256

      49b2f2e74534c684433d4b786dc21cf3712c8e71358b388f71ed04d0278ddfe0

    • SHA512

      d1a4aa02bdf4a813acaa66217843283955e6284877a9f187b54f65bdbd5c288d5c428a4c1db453ec9b03411188dcf7b8f4ba02b466a94e37d495656c813a647e

    • SSDEEP

      3072:loqr8PapKBmgjzgav0u5f8SyMWG6Yy7o3xA:0+UxjEav0u52F

    Score
    1/10
    behavioral10behavioral9

    • Target

      updater/GUP.exe

    • Size

      798KB

    • MD5

      e24cddedd2508dd360f6ee23e3a2f36f

    • SHA1

      41868d05991493f219b66d1bef5672ed17163a0f

    • SHA256

      7078642857d0023449d93acf50b4799a7e71ea7850e6095c941cc036e294a99c

    • SHA512

      4003686aaf444e20ee85ca6d5c88bf0087e9428a0e4f85c0d267505afeb5b582c0fe619b3c64b1118a543ba2eef24ba4464c25cc1c45832666cfefce87688eaf

    • SSDEEP

      12288:LT1cES2JH4oKgAGtMr5DR+W7AyfuKY0dsr0uiKnHowsT0CSm4:Vh2DR+Cu6dsr0uiKnHqT0v

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral11behavioral12

    • Target

      updater/libcurl.dll

    • Size

      666KB

    • MD5

      279af83dba39efe50664ada107be8031

    • SHA1

      02f9cef56b197ffdd8be2a00a5aadf901c43333a

    • SHA256

      23e72679a0ea58788b5efc1b1449c85a740c178b921b90846ffeb9b461edf71d

    • SHA512

      30390e8cf41edfee0a47274dd52ca5b851fffc7b74e96c9a0c5c28dc1714acde35adc5ccd53dae846e7b2f6f0abbda5845e7dbab35ea7c20ceb7dba78162e7cc

    • SSDEEP

      12288:TvIArRDjmkqR6tv3cKOuWmDxyEI+mVLIOlwBnq48+MVjt1wIbz:TvI9ptuWKxyEI+mNIOlenqd+MVxhz

    Score
    3/10
    behavioral13behavioral14

MITRE ATT&CK Enterprise v6

Tasks