General

  • Target

    JOYSTICK.rar

  • Size

    2.9MB

  • Sample

    230823-11mleafh63

  • MD5

    d8436a1a45b143bcc924e929a77adb3b

  • SHA1

    89df9e4c514c5f9fdb7b1f1c577d1a14a5061741

  • SHA256

    e146cdc78722102bd650befe13ea111228ff692d0a1d2bf919648a1b4b26f9f3

  • SHA512

    e39cac35b1e05d0e85351d86774759086a8eb9752d57e5a28af68464767d520d177562b5daee33e140f690a5db044cb65425c89ac0b6fc8e3f64611cc8e2ae1a

  • SSDEEP

    49152:fGkp1wxYj2Yk1efU5mc00nTwWhgfL11CaEjXg+ZKc8YRqW+pkdNt99IIPp+lFkTu:foxYjO5V/0WhgfLDCakXg+LRNeIe6YEC

Score
8/10

Targets

    • Target

      JOYSTICK/XOutput.v0.11/README.txt

    • Size

      306B

    • MD5

      9c0333b204f22e6e8b35c070fa4c1bea

    • SHA1

      89f0311adc17a5eada31f412cb25f402f2ecd0c6

    • SHA256

      a06335559453a698b03470f6f0aa359569fd42a158e03b79b928b3085993c583

    • SHA512

      eb47f7f26388a55948cf03d435af344cdc0bb7ea912e75862a263ff48b9fbd0a26833c5ac48be30f44fa80049c5e264952f6bd271cf0809d7963f6458582b070

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/DIFxAPI/amd64/DIFxAPI.dll

    • Size

      506KB

    • MD5

      1a2e5109c2bb5c68d499e17b83acb73a

    • SHA1

      efa15cfa23606dfc355d11580b509e768a50ddbb

    • SHA256

      e70bbcee0d01658ccd201ebe0f0e547b9daff01b7c593a0fdd0c64e5f45d6f11

    • SHA512

      47317d24d02c4122fe175bcd7f5b3dd8823063e7ea63f83961e40f10872642d2d6f6e6abaf5fb7630cf0e9d8cec0d112889600b14ecb8698b81597f52d54815b

    • SSDEEP

      6144:1uS8iJgEjHlmbGQGt20CZPbPBtqd0xYP2MJL:1u8JgfGQrIPfZ

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/DIFxAPI/x86/DIFxAPI.dll

    • Size

      315KB

    • MD5

      cf73c3a03582408d422d4f7a01190d00

    • SHA1

      4582875874d066e8975b8a04488422419137fce4

    • SHA256

      dd12d00ca9c9b1013091e733eae021347ba52dcd69173a7e5e4fd80b45ee60f6

    • SHA512

      c3d82121c0535fc819329b8c6e29078f7e71245528658093ed98dd72af8af1200eede951388d938e9b27c049a0874f5cf686a42aa880da34390a72bc1112c8aa

    • SSDEEP

      6144:T3+rEo4fNwSQCT4YNjtMWDnYPWsjfVnnSSNbVQqbySUB:r+rEo4lWYNjJbYtdnpWhS6

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/ScpDriver.exe

    • Size

      746KB

    • MD5

      600a3037be3380c57cb7b36de053e036

    • SHA1

      6136b0fa8a5e821ac129815ae6a3ec7a63f5a9be

    • SHA256

      ed77236f9e5908867451117250fac38f5ebb635ecb7bd3747cbc578a75f1dcc0

    • SHA512

      2c710fd15ba39f1c90622e3e4d99b9952147fcde3021274619beedaa2210f6fe8d93fba9c3ecf40a6013bf254138a0608c8882bd37aa0a07736ef93c84758220

    • SSDEEP

      6144:lXjWsbG9zng8ULQa3AsiOXjWsbG9zng8ULQa3A:lXjWsb0znha3NXjWsb0znha3

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/ScpDriver.log

    • Size

      1KB

    • MD5

      29257a3a755046f262673387cabb0ded

    • SHA1

      004a4bb02145ccaa14de5f51e892c66343fc9f77

    • SHA256

      7a608c97ad8cdd61cc2b4b8f948f7f4d8926a51a151e19142d1fe35c01894169

    • SHA512

      330f04973cee3ce475b11eaf09282237c07c642b5ea2339bc5c4be062e8b22586d4170802a7db4f87522efff94d3076931153dc495a6f522b04a26ad989ab1a0

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/System/ScpVBus.cat

    • Size

      12KB

    • MD5

      7492d3a14295cf07247072bc6dfa18d8

    • SHA1

      5b51ea5beec952dfc540f16a391bf13e51af5c76

    • SHA256

      b2f1e2641c9c329c5b28a366952d78fa30243efa8805d1ed8d8909b55024e5ff

    • SHA512

      2fb9dbb8520e0c41b120e2acb85b32c322aba2a3e366c7a46bfdd7389e1f0793e07696dcdde335ff0b2dbe532a1bcd8592053dc31e13f6f5096df29381aeca24

    • SSDEEP

      192:eAIhUb2EOwXMFmIrmu+RTBb6eIpUMhl/lreMIILN6Uh7EsM8II+9iGEfgUv5ImD7:Gwqrn2KPYSPLjYdtRHg

    • Score

      8/10

    • Blocklisted process makes network request

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/System/ScpVBus.inf

    • Size

      2KB

    • MD5

      ca9e7e9b233415fd02a5dc191d6b2df9

    • SHA1

      f1994319f58fa8433e57118c0bf16285d8043a52

    • SHA256

      a79a91be94913074b5a5377db6bc682ce7ae5f344fad5a0de5a6c116aa86e466

    • SHA512

      bf6ccdfb2c90b99f18f65b1dfa1856cb5543891f0382287d4e10ea128500143e5f881ff76db67fa7206ac2af11be4119375c70b4ae233de1e015a42d0734c1d3

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/System/amd64/ScpVBus.sys

    • Size

      38KB

    • MD5

      ad7189e85a0801de0507c610963a3cd0

    • SHA1

      81401e7ba85390a9d21b6e173092971e24b8f982

    • SHA256

      0aa9f3c9d252624cc62ec95fd910c6911e136dd3e66159ceb9857bc7ab70faa2

    • SHA512

      99f1c99bee0fef85d7f3eed4fa466ba15548c2a49ef4ec8a75e440a434b106d30dcfe45b9bb9e03ccfed8e41397a214f1f7723f30d449decf3b489ca7281fa7f

    • SSDEEP

      768:8Qz+6yz3JqnYCblcp6wOuBvC4cTPfZ2Vw2zeOBjEwXxyvJ3GB1b6GCFL2G:8QByY12kwOoER2lKSXCIB1PCF

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/ScpDriver/System/x86/ScpVBus.sys

    • Size

      32KB

    • MD5

      e3c36c487893dc33bce4d4b856c7ff01

    • SHA1

      1768f7275d1ad4b1eb9bdb520843bb974143feef

    • SHA256

      f0c00a22bc3ee91bd5db15695488c232db7b274f3c9c4ef83836030c7d905251

    • SHA512

      e3e57023482f6d4221b1bec3d7d813478c32db418c395a695459880747446e29eb0e6b59d2c4d72990be049b456f12ca432a22480eedab53d6dd84513c176c1b

    • SSDEEP

      384:dtwyk2eCK3PRiZ1bcvrlEeT0OEM8LI9s6kgTr7kiX5vFmXhBcfXaM8l1l3JhDPju:dtupCJeT5EP76kgTn3VFMmva/h12G

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/SlimDX.dll

    • Size

      3.2MB

    • MD5

      5ceb31a41198aeb359f32b17f796e405

    • SHA1

      8588293d01e8eabdc1031f9cc6eca3d267afeac2

    • SHA256

      5d3f892aafe7debbff365a6a00bccf760469068f2a76b775ec72d11fa4c1c1f4

    • SHA512

      08697abc450b24965e9b99a220f1d5eac401461051fb9c68e7f5e1e48c49a5f045c40496c6e57a7198c65917e0f00ee2068e3a1c3723267f49b2597c02a68586

    • SSDEEP

      49152:dabj5zUoBrR/tgD2wAKowwlBP1BMqUH8QRJsAW/eYfRx/LukJK3QJW67eIlTpVcq:dggZn

    • Score

      1/10

    • Target

      JOYSTICK/XOutput.v0.11/XOutput.exe

    • Size

      278KB

    • MD5

      d8c185cf31cea4672ff55a67e56fa7e6

    • SHA1

      24718516f7977c5c1aad61be8b4933ce973ce0cf

    • SHA256

      7bd0d106f8d83b11879ccbf3ffd19e70d42720f6df89fd7a6e661a5e4bd452a0

    • SHA512

      a81d7c0b5bef475daaab295ccf5ff5441a04095a8303ae63ff5b2cd097d304e078684b6e7152feb6569a0c376afb39235e04766f093641e91dc68622fcbc3ce7

    • SSDEEP

      1536:F9rdwZ9q1tk4Sl58E+02VDIk8cpMbFFhVWTJpkYqFmSxkhoutiC4/Kxb4O6VyLoF:jdb/PAlutyU4v5utyUFMn

    • Score

      1/10

    • Target

      JOYSTICK/desktop.ini

    • Size

      115B

    • MD5

      da134831cc18aeae5af5b2e2a684c367

    • SHA1

      7fba70744166a647250b33386558e5e183fc73b8

    • SHA256

      0e9a37ef6e53135766129379c5ed09a498b2e2d85694dd5f89cdcddee33cb1af

    • SHA512

      5d62c8d33355f749bbbea38ffd6a3cc4e0899a0ce67e56fb0c91016440935991e31c1d77a0265a77e51410eb63347ea3d36e8ba194abf85c7e5abacea82f8e1a

    • Score

      1/10

    • Target

      JOYSTICK/x360ce/x360ce.exe

    • Size

      3.1MB

    • MD5

      b6e5bd3c6abd734ac9d66f7dbcdb8409

    • SHA1

      485e46c4dcf4d1274eae63932c024bdf9fc52e34

    • SHA256

      28e424c515f3724c872fc1d5d79709fa9d13e7986c47fb678b90a677a225abf5

    • SHA512

      2e825c315db6761af99385d6be13308bc0f111d024b8a0e9e22d806d54b8312c1864f08799b73ee7b441719fb81d57000cfc5ce7ddc118745ca41226858db67b

    • SSDEEP

      49152:0NbfJJb4/WGdvbKJJb4/WGBJJb4/WGwJJb4/WGA0wr+jTZtaZ3Otfj7UCLiJJe4f:oXbbG5mbbGVbbGobbGABr+dCe6GC

    • Score

      7/10

    • Loads dropped DLL

    • Target

      JOYSTICK/x360ce_x64/x360ce_x64.exe

    • Size

      3.1MB

    • MD5

      0b23e452f11b2b42ae0fe6772ac607bc

    • SHA1

      61f5150fbad995b616a5dcca34de33fb052ab238

    • SHA256

      92baa41f94a860ea33409d9f739bb2a0447342bb81eb4e0ac64a1ccb7ac7cbfb

    • SHA512

      502fe140c8ab2aa35cdefcacce19708497514e37df3465094e412f0826ef1dd5588218c2f6ef0706eb56a28302eb4901d6b62ce7d9a2847d0e549d8f61230d1b

    • SSDEEP

      49152:6zbfJJb4/WGLUbtJJb4/WGBJJb4/WGwJJb4/WGA0wr+jTZtY56OUfN7UCLJJJe4z:8XbbGgNbbGVbbGobbGABr+pre6GK

    • Score

      7/10

    • Loads dropped DLL
