Resubmissions

22/08/2023, 02:18

230822-crmytabb7y 8

22/08/2023, 02:17

230822-cqynxshe49 10

22/08/2023, 02:12

230822-cm1n4sbb5t 8

General

  • Target

    v4cracked.zip

  • Size

    13.9MB

  • Sample

    230822-crmytabb7y

  • MD5

    2eb8a7f42774bc68fee1ed90458ff406

  • SHA1

    830c182da95794972bb4306e884eb799babaa99b

  • SHA256

    2767cfb1873c6b6585458babb7ad884b62a5326d441bfd83c3db8e91d2b20fd5

  • SHA512

    9b9a23386a17b97bbfbb6be6b6e74aef89c81ce6a5408fe20dad506cde6fafbe17f72ad36f5dedc4a990b0e3b0379d9d426a3915c691ced1f0172b6369a84126

  • SSDEEP

    196608:eCQsGbT/9bvLz3S1bA329Oq5UWrlwsGUZ:/GbTlj3S1bO29Oq5UWpwsGUZ

Score
8/10

Malware Config

Targets

    • Target

      v4cracked.zip

    • Size

      13.9MB

    • MD5

      2eb8a7f42774bc68fee1ed90458ff406

    • SHA1

      830c182da95794972bb4306e884eb799babaa99b

    • SHA256

      2767cfb1873c6b6585458babb7ad884b62a5326d441bfd83c3db8e91d2b20fd5

    • SHA512

      9b9a23386a17b97bbfbb6be6b6e74aef89c81ce6a5408fe20dad506cde6fafbe17f72ad36f5dedc4a990b0e3b0379d9d426a3915c691ced1f0172b6369a84126

    • SSDEEP

      196608:eCQsGbT/9bvLz3S1bA329Oq5UWrlwsGUZ:/GbTlj3S1bO29Oq5UWpwsGUZ

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      v4cracked/patcher.dll

    • Size

      1.9MB

    • MD5

      335234cde1a7deafcde49eef4530dba6

    • SHA1

      1c1c6e3b9d01d2d4db17ec1e2cbba34b134d8d5f

    • SHA256

      0de6caaceb6dd8bbfaa63154ee787b8250b99967aa6eca114ed8e5b8c148c396

    • SHA512

      3e687967d25779d05bf68d1078e1a9630e7f715e7fbe56132a8616bfb4aecf338fcc0eb36ce70afa73ec66c625a8207252ddc8a73270ba1fdf754bfbea85ebba

    • SSDEEP

      24576:/FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFx:H

    Score
    1/10
    • Target

      v4cracked/readme.txt

    • Size

      171B

    • MD5

      94fb82926a0bc6c56951bee0df57cfd2

    • SHA1

      cee1c2aacdb87bfd464e05383c1dd3c772ecfe09

    • SHA256

      2a1ba637510b210e588b155e4b12b1c1cb91aa0e2bba279aebd8949204f519bb

    • SHA512

      c72769624f0093622b3a737ccaa4209922da41a9bdb063773abe0907ba7ec98bf1c818bb9892fb87841846a7b008d9981ee395f2e4fb3c52f20fb0c45827ff6e

    Score
    1/10
    • Target

      v4cracked/v4cracked by trigga8694.exe

    • Size

      12.0MB

    • MD5

      346268be76f8fa86a5dad611198cd8be

    • SHA1

      a4af910fc86213da4bf3192f2ded04a43b3b3808

    • SHA256

      00d82a10e0816bb95311695ce103eac885ac1df076766ff490f9d27e01d7e381

    • SHA512

      908ce5c52dff8086f0045d5ca9555f3d20fe8cd433590e52ba5255e85130e4d550298d50887f66d3ee0cd245bbf3bbdee70d483e8c4d3ec792efbd01647173fe

    • SSDEEP

      196608:3CQsGbT/9bvLz3S1bA329Oq5UWrlwsGUC:EGbTlj3S1bO29Oq5UWpwsGUC

    Score
    8/10
    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      loader-o.pyc

    • Size

      1KB

    • MD5

      c9da2cbea39364be30f4c2a439b7d6a3

    • SHA1

      2e56a3c54cdf3a58d73def179eb48476ed0795ea

    • SHA256

      97009a2c5efcb875d9ec69cfe5cb7bea1b11595e2791c0a1cfb0dc35c1466503

    • SHA512

      40478ec9eff6c8d3fc4bace432d420978cb6bf466b31845f8e50f825efc74eae7737ca8abba51162d92ad2d83b43184779e85eb086b466f8fb5f226b47f5102c

    Score
    3/10

MITRE ATT&CK Enterprise v15