Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

df-connect...ws.zip

windows7-x64

1

df-connect...ws.zip

windows10-2004-x64

1

DF CONNECT...)1.lib

windows7-x64

3

DF CONNECT...)1.lib

windows10-2004-x64

3

DF CONNECT...)2.lib

windows7-x64

3

DF CONNECT...)2.lib

windows10-2004-x64

3

DF CONNECT...TO.txt

windows7-x64

1

DF CONNECT...TO.txt

windows10-2004-x64

1

DF CONNECT...te.png

windows7-x64

1

DF CONNECT...te.png

windows10-2004-x64

3

DF CONNECT...us.png

windows7-x64

1

DF CONNECT...us.png

windows10-2004-x64

3

DF CONNECT...ns.png

windows7-x64

1

DF CONNECT...ns.png

windows10-2004-x64

3

DF CONNECT...ng.ogg

windows7-x64

1

DF CONNECT...ng.ogg

windows10-2004-x64

7

DF CONNECT...p1.dat

windows7-x64

3

DF CONNECT...p1.dat

windows10-2004-x64

3

DF CONNECT...le.dll

windows7-x64

3

DF CONNECT...le.dll

windows10-2004-x64

3

DF CONNECT...pr.dll

windows7-x64

1

DF CONNECT...pr.dll

windows10-2004-x64

1

DF CONNECT...ll.ogg

windows7-x64

1

DF CONNECT...ll.ogg

windows10-2004-x64

7

DF CONNECT...re.ogg

windows7-x64

1

DF CONNECT...re.ogg

windows10-2004-x64

7

DF CONNECT...ro.ogg

windows7-x64

1

DF CONNECT...ro.ogg

windows10-2004-x64

7

DF CONNECT...st.ogg

windows7-x64

1

DF CONNECT...st.ogg

windows10-2004-x64

7

DF CONNECT...od.ogg

windows7-x64

1

DF CONNECT...od.ogg

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df-connected-v2.7.6c-windows.zip

  • Size

    190.1MB

  • Sample

    230921-zb7dvaad61

  • MD5

    32b296bd7617c71773ef914411658430

  • SHA1

    8f25b7092d60ba4a24f9e7f3eca3507428789a13

  • SHA256

    282b2bba57bb185fb81d4f401425efa9b6a6f99111640d99521b86b088f9aab9

  • SHA512

    6e97766a421cf2d2ba3d7bb7175ebd0228244c9d083d7e4c8e8c2797cde4b48609cb326774cc31194dbf3ab6e47e31414f7ec8eaf778d5074fbf225207463610

  • SSDEEP

    3145728:jLbqZBkSLBLizmxXprBX6hagvXPDthOIkXOLPEY7odeDjmlnX2WbsJTIoIK7CmMx:jLbqZSSLNiklglDLOfXIPHokD0X2mqN4

Score
7/10

Malware Config

Targets

    • Target

      df-connected-v2.7.6c-windows.zip

    • Size

      190.1MB

    • MD5

      32b296bd7617c71773ef914411658430

    • SHA1

      8f25b7092d60ba4a24f9e7f3eca3507428789a13

    • SHA256

      282b2bba57bb185fb81d4f401425efa9b6a6f99111640d99521b86b088f9aab9

    • SHA512

      6e97766a421cf2d2ba3d7bb7175ebd0228244c9d083d7e4c8e8c2797cde4b48609cb326774cc31194dbf3ab6e47e31414f7ec8eaf778d5074fbf225207463610

    • SSDEEP

      3145728:jLbqZBkSLBLizmxXprBX6hagvXPDthOIkXOLPEY7odeDjmlnX2WbsJTIoIK7CmMx:jLbqZSSLNiklglDLOfXIPHokD0X2mqN4

    Score
    1/10
    behavioral1behavioral2

    • Target

      DF CONNECTED v2.7.6c (Windows)/GameMaker Server+(Windows)1.lib

    • Size

      176KB

    • MD5

      af8e46fe2a1ac47af32fa8de12d93f05

    • SHA1

      bd0ac7a308f6c21f18250557bb6147b114883da8

    • SHA256

      29903db606cbec3db3712b71a6c46baeec579590bf57c9bd44c67bda60987524

    • SHA512

      ce16b97a3eb0b6a6d96d63971f9f4a924e7d27d76ad31bc9cdddc963efc94c0b29d24952b23c28a52159550d23bc38369ab9a5153402be04c061af1b6ee33ac6

    • SSDEEP

      768:UeyIcT9CJgmmqDerdQcDCQWcc6m1WWPlluw249XH9BCjFF:3ynTsammxPc6m1WWPlluww

    Score
    3/10
    behavioral3behavioral4

    • Target

      DF CONNECTED v2.7.6c (Windows)/GameMaker Server+(Windows)2.lib

    • Size

      72KB

    • MD5

      7aed9f12cf3be3db36d6b039d07233fa

    • SHA1

      8198f728c69be6cfcc3fd920bb4e7ceefcf0ea98

    • SHA256

      70f6c1f6aad1e94d59ee80f372b4a4f58960981ff03cef8fa917dd4fe69b0acf

    • SHA512

      2a162bd3a40ad9e9378e78ea9389a62a906dfa3bfb258b74ca25e9ef2ed9da2b48e6090a7a85b0fb429f0928bf1f525e314e0b6fd1120b66601fcdefb57833b6

    • SSDEEP

      192:Y77G4ncw77RJwOzy+fUHa36gd//rn/5njZn+XzwH0zvY/JxVB6rYFXZLY7Xjf/LY:OfU6kbYFg8

    Score
    3/10
    behavioral5behavioral6

    • Target

      DF CONNECTED v2.7.6c (Windows)/Maps/CUSTOM MAP HOW-TO.txt

    • Size

      932B

    • MD5

      b54da946eeda303cf2a59ce0e9798367

    • SHA1

      f3fa64b0a91bd99bb9efe93131028463af15694b

    • SHA256

      7dcd9af56c12d1d2f890e961007bf03480eace803fed319627372f01c9935873

    • SHA512

      06b5ee1264543c464f2af11e3f4c4d2b708979801b4de26ff0584f2b3f9e16d1f2f071516a1cec3fb6c331cc37d903c99798a460ed5d91028d1c27bc7f18a430

    Score
    1/10
    behavioral7behavioral8

    • Target

      DF CONNECTED v2.7.6c (Windows)/Templates/template_charactersprite.png

    • Size

      1KB

    • MD5

      d6974e11438b17fff6f57c8c559c3053

    • SHA1

      09d0782ed4862129af50aafaa747f1b4cb635a9a

    • SHA256

      f7496700c029dac6699ece4855f6e124f2c36ac95548a452778a611c950761af

    • SHA512

      fe71a7c5f5dfb9cce03e83c46e683e82c19a652ec2b0bcd4f601cb07524a35d18248a9c270162d51b453bf246d8816fa48553321dcab54811669da8411a48a71

    Score
    3/10
    behavioral10behavioral9

    • Target

      DF CONNECTED v2.7.6c (Windows)/Templates/template_portrait_papyrus.png

    • Size

      284B

    • MD5

      9055aa4f50adc8f4a0bb2b4bf5b52f5e

    • SHA1

      05cc050a184c0a976bcf0e9b7f034468a8b9d580

    • SHA256

      46669156ed5a223c76a7f9960c484fa4bc8399f7e5906ef89366dcc961cb99e1

    • SHA512

      ab0331a0dbd5af04b3f9ad8dd887d0f71ebc7f0b44b336bceb27f1923a10e2020999e38b5fbe3b9972c7175a3e0a85150a54fb71c4f6976a3039b53f5bd3c39f

    Score
    3/10
    behavioral11behavioral12

    • Target

      DF CONNECTED v2.7.6c (Windows)/Templates/template_portrait_sans.png

    • Size

      324B

    • MD5

      616235f95877f45db6fe6cbfa181ed88

    • SHA1

      4c1eca4aa44607a3ef9ca1873dbbcf37295b1a51

    • SHA256

      7f92858892bae8845d827dea1ad343baad88441a31047b24f2abc0742a29e95e

    • SHA512

      c3b6df30b9d6ee09e62f4f341b0beb5ebdb0bd45b0d7890f92b7031302f70772518db45eb41310023bd29e75dad574f826407166312798727b3a8052ac82386f

    Score
    3/10
    behavioral13behavioral14

    • Target

      DF CONNECTED v2.7.6c (Windows)/Windows Ding.ogg

    • Size

      15KB

    • MD5

      b3a2a47da63221713aed0d07e69707be

    • SHA1

      a2116f0b38b04d81b05679ff38df71af531f2be6

    • SHA256

      45d9ba7d423fb42b2a5d7322a6f64daac2732299f3f3fc00bd08c779957bbe5c

    • SHA512

      163b71b18582c4471f54346725a7b91601d69c40424121aacebfce2179ef281cf4d95286348c2461025a33838a02233e437b0838af3908ce9e77cca53f2d8a11

    • SSDEEP

      192:tTDJo+OFStqq3gFdGClJ3wH8AWfU4kzQ/iV/sP5RpsRzL6AMrx6pFfIafvC8iYI9:tni+OoVe5E8ls1Wps5Ax6XgaHhtZS8G3

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15behavioral16

    • Target

      DF CONNECTED v2.7.6c (Windows)/audiogroup1.dat

    • Size

      15.7MB

    • MD5

      78fc95f16cc7300a4e034da41d887514

    • SHA1

      e80bfbe31f764fc14f71dc34629943b4339dabb6

    • SHA256

      e477f43aa105d8f0d9eff9a5535f19a0d7bd4e0077adf14a9f915ed5a7ffd59d

    • SHA512

      a49cbfd19b913c06b0d5c983874d1a2e7040481d5d7dfc59b27c17dbcb02752fabe489acb4c8731bfca3b3342a730a91ca1b2253d0a7c5434f49803fc8c31ccb

    • SSDEEP

      393216:c9NPZNoFaIPvddrYNe0jsstuFm5y6Lc2al8RtU4YS5BcMyBpahBHjBkS:c9xZNoFa+ldrYNeyXtu6ZR95BcnCv9H

    Score
    3/10
    behavioral17behavioral18

    • Target

      DF CONNECTED v2.7.6c (Windows)/execute_shell_simple.dll

    • Size

      75KB

    • MD5

      31fa2a28d6a3bf937e5b40d48351d889

    • SHA1

      517c38765d92860b0fef5d52d8dc119848430677

    • SHA256

      6d1a616f0109886278b6fdc5d8320eb164809e0d23b2326d29218c5edece2445

    • SHA512

      adac0989af8ff6be4d964e7e8be209ecb65737f6e6575ff004c22a434f95b8b6156219314bf98a290b1227ff9861b80ae2c736d8dcbddd1bc0130299ecf9da5f

    • SSDEEP

      1536:NKLawL7agDpi7rwzIHkwgEzuqoFuaC2ZRxsWdKcdb3skjEuJ:NnwL7agDp1zIHfbuqokX2JbckjEuJ

    Score
    3/10
    behavioral19behavioral20

    • Target

      DF CONNECTED v2.7.6c (Windows)/expr.dll

    • Size

      195KB

    • MD5

      d6ae8cff79572a2314613e17e4b07158

    • SHA1

      7a163f32a4eef179e70fd87d102c706af5e94ed6

    • SHA256

      ec710408bef0ff9285981b4a923ab5062f5acc1de6c3077ce42b8b05c44bc0dd

    • SHA512

      596110acb254dcbfa58f0e92bfcf53c0638b76fc9a627c26d0074eb94b474aaf28fb3a2589aacf8dd149e7a2f9e76218f72cae5458a3d2cee902d3ecbfbaabd3

    • SSDEEP

      3072:POso5V+AjriiUn5K5cLnhtZb9iZiB8nRsquDAJMeNZiJgnJycLAg0FujNp6m:mzVviiU5KeTzh93B0RBuDAdySAOz6m

    Score
    1/10
    behavioral21behavioral22

    • Target

      DF CONNECTED v2.7.6c (Windows)/mus_bullethell.ogg

    • Size

      887KB

    • MD5

      0bb3809e1847d59714bac20b3e0176cf

    • SHA1

      324fb3a4b99d17931502f1a1eb7a46ad6fe8d103

    • SHA256

      3d32cffaa1a04557763b3e53a5bdfe194af3883cfb97793e250067cffd33b193

    • SHA512

      5dfc7be4f8f533fb4d38786cdaa32e8331cfb1bb19e2e620a1e0a9725e56628e9857682e3acfc6237b9ba6d4efa95bbb97fc84efac231d2f8a095c2895757d04

    • SSDEEP

      24576:YedkPGmcTBSNYTa2ihtSiPHURl97vXKdLHQMX:YP3cTyYzAfHUVDmQMX

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral23behavioral24

    • Target

      DF CONNECTED v2.7.6c (Windows)/mus_encore.ogg

    • Size

      1.1MB

    • MD5

      a76745c7e4b89562b3445776ef480b40

    • SHA1

      2a968e4c3e7ceef04960b312425ea9be54df48bc

    • SHA256

      db99e5386186dff5baba8d8fa5be354ee03636039c849bb9c91eafc812029f61

    • SHA512

      c8ecb22423313fbde5adc279da38f8210dc68a6166ace954f36e3450a987ac474a731dcc52f2cc6c5f897fb4ca933ef46bc4545362077ab45e8d139e71b43e9d

    • SSDEEP

      24576:FJUAzTbb2yQQxZ7Xrcxo0AYNVGjny1BTuzUMHmeGmZHJPPzoO:/Ux47b/YSTUBizUkGmZpHzJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral25behavioral26

    • Target

      DF CONNECTED v2.7.6c (Windows)/mus_encore_intro.ogg

    • Size

      360KB

    • MD5

      8680f2baf73990f1da6b81675672a295

    • SHA1

      0ca4bf56c4967c919ef7450ccbbfa6ecbcb3cff4

    • SHA256

      f0ad0d504b14743e66becc2499de561a06b3aed62b3c20c9f9ab2b046e6013fd

    • SHA512

      91565dbe38828fa6ca108f092e35854adc66bbec8b2e6bdd8f5d2430fff3aff8eaa082346f04d9de31a9ab6f6f1d0fd1f3c491d48f390362625ba6e8fdde28d5

    • SSDEEP

      6144:LlQgsdLaKqjwe4koDKRy8pM3o2iK8PGwrB6eFgBfX8sS5pm9Cu6:1sdLaLjwerQ6ywMpiNPGwWfX39U

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral27behavioral28

    • Target

      DF CONNECTED v2.7.6c (Windows)/mus_encore_ost.ogg

    • Size

      1.5MB

    • MD5

      7c20d8e3ad7613cd8b58748008e02f57

    • SHA1

      63b448dd1f03230f2cc5ca92f72d925dc7fa9068

    • SHA256

      a951d8ea3a02ef8451a7eaa805e00e9f18d335732794a1bb423d698f5add5e00

    • SHA512

      41e529ccf9ec09435b0c73b1dea333c1d45a9dc10f75dc71ed1b2afb2d06b8a2823de66464815a862267aa02f0466fd1e91ddaadb3f2c3d99d8c20eb29b10756

    • SSDEEP

      49152:GtLfyvMbcCdqpyn2UDYFaUgw6Yc74SkxM:GVykfdiyHYFaUrLcEfa

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral29behavioral30

    • Target

      DF CONNECTED v2.7.6c (Windows)/mus_kommsussertod.ogg

    • Size

      6.2MB

    • MD5

      2b266d80969c05cdd024c66505128b40

    • SHA1

      09ed438e378d2a9d6a9d0971c68df6e64ce16ff3

    • SHA256

      17b5f2e8c56d9606abcb9573c14807ec6cef38f26228d766db608001b8227676

    • SHA512

      eebc8106c989b1fa6dd3e5f17c79099fc3a1abb3b7eaa8d68d56ef61d4b0972e024631a4532bedac81e873f616c1f6594b6605a666268100523c9fccf918deb1

    • SSDEEP

      98304:YghlQddqCPCKebHq8zwoNb94mt4PAE+aS44a3mnFDWzunjDe8Pqsu5Dj0e7Ie20f:YgPCP+Zz1N4PALThHnsynjK9f2b7Xu5

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks