Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

u960_recov...pi.dll

windows7-x64

3

u960_recov...pi.dll

windows10-2004-x64

3

u960_recov...pi.dll

windows7-x64

1

u960_recov...pi.dll

windows10-2004-x64

3

u960_recov...db.exe

windows7-x64

1

u960_recov...db.exe

windows10-2004-x64

1

u960_recov...ot.exe

windows7-x64

1

u960_recov...ot.exe

windows10-2004-x64

1

cache/tmp_...ibc.so

debian-9-armhf

1

cache/tmp_...ils.so

debian-9-armhf

1

cache/tmp_...log.so

debian-9-armhf

1

cache/tmp_...ibm.so

debian-9-armhf

1

cache/tmp_...c++.so

debian-9-armhf

1

recovery/recovery

debian-9-armhf

3

u960_recov...rgRush

debian-9-armhf

u960_recov...ry.bat

windows7-x64

1

u960_recov...ry.bat

windows10-2004-x64

1

u960_recov...ot.bat

windows7-x64

1

u960_recov...ot.bat

windows10-2004-x64

1

u960_recov...ry.bat

windows7-x64

1

u960_recov...ry.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    91e88a7af53477dbb2b615f2a5cc3591

  • Size

    11.8MB

  • Sample

    231222-p5t1habhfm

  • MD5

    91e88a7af53477dbb2b615f2a5cc3591

  • SHA1

    c22af52bc211e070ae18388adb5c8b8091b01058

  • SHA256

    7ae05c4164362a9072cf5c30d13f9f0ef8840aac009d976b05c7b05f2a905e07

  • SHA512

    4a57d1cd81e42ed345463acb669c10ebee08c56cddf1b838220acbb77a30e354df21d8e3e188bf3c772099f38642c22fe1aa1f3c5a7ee87d1cf15e898ff3ba93

  • SSDEEP

    196608:6Bs+9I7OrtZEi81EFtJbLKKUIwIsrG6qNovFRM5vV/pys+9I7OrtZEi81EFtJbLm:pKIQFtJbL9gGZNotRM5tRKIQFtJbLu9z

Score
3/10

Malware Config

Targets

    • Target

      u960_recovery_5.0.2.7_c4_cn/files/AdbWinApi.dll

    • Size

      94KB

    • MD5

      47a6ee3f186b2c2f5057028906bac0c6

    • SHA1

      fde9c22a2cfcd5e566cec2e987d942b78a4eeae8

    • SHA256

      14a51482aa003db79a400f4b15c158397fe6d57ee6606b3d633fa431a7bfdf4b

    • SHA512

      6a2675de0c445c75f7d5664ebe8f0e2f69c3312c50156161e483927e40235140d5e28e340112ac552d6462366143890a8ce32dbf65bd37e27cb1ea290fe14584

    • SSDEEP

      1536:npCxybY0FS6MqS6WvgD9xj03TabrFvY5J6sCGt:npo0k6ZWVTaif6sCG

    Score
    3/10
    behavioral1behavioral2

    • Target

      u960_recovery_5.0.2.7_c4_cn/files/AdbWinUsbApi.dll

    • Size

      59KB

    • MD5

      5f23f2f936bdfac90bb0a4970ad365cf

    • SHA1

      12e14244b1a5d04a261759547c3d930547f52fa3

    • SHA256

      041c6859bb4fc78d3a903dd901298cd1ecfb75b6be0646b74954cd722280a407

    • SHA512

      49a7769d5e6cb2fda9249039d90465f7a4e612805bba48b7036456a3bbd230e4d13da72e4ade5155ddc08fe460735ec8d6df3bb11b72ff28e1149221e2fc3048

    • SSDEEP

      768:HLNk0yiFYWkgALpW+QvSugX0wUepQNXTQXdF+Q+An70edrqqOkIW:+yY8wugEwOVEXdz70e4gI

    Score
    3/10
    behavioral3behavioral4

    • Target

      u960_recovery_5.0.2.7_c4_cn/files/adb.exe

    • Size

      158KB

    • MD5

      7d6edef3c81b04b412b258d98aa2952d

    • SHA1

      a5b77b9fc6f1b41062449387ca8ff0b36c8c79d6

    • SHA256

      6ace04f6a42e5d587bed5ea110a9eecbca335e59049da68d367ef3ff396d735d

    • SHA512

      092a3dddd89fcee825d8e8120bb2ba3c3c6f029a673a01df7e679f41ca336ef42ec68e6c5fa4355990a30f999cb40007c066694b6393ef30cc47adc58c02dd4a

    • SSDEEP

      3072:pxR6RERIILUWM/yegPQ3uxY8ebRTR1aHaWO2fapUGpURnTBfL:QyRIOeg4+Tw/GNO2fapUGpSnTBD

    Score
    1/10
    behavioral5behavioral6

    • Target

      u960_recovery_5.0.2.7_c4_cn/files/fastboot.exe

    • Size

      970KB

    • MD5

      2bd9418e8873037f3cf938094620053a

    • SHA1

      c051a46ceff5c304fe91f1af9a79169d11083be7

    • SHA256

      4aad966b2efc7861d249ede8b294b32b1af06326080b801544dbbec7020342a0

    • SHA512

      b015d44b97b2f460028d9b3bc83ef2ca805f8eedfd58e29ae5699c755c3bc85671300451fdb5578e3148d096f8127c80dc41df36be4685b9b925bfbaade0d8c2

    • SSDEEP

      12288:+vLTIoOQHZ/POBEwIEA8tAiC1sngzHawKrWKUYUZh60EUE:+DTImVP8tAiCkgLZYUZh60Q

    Score
    1/10
    behavioral7behavioral8

    • Target

      cache/tmp_897/tmp/recovery/lib/libc.so

    • Size

      267KB

    • MD5

      5d97e5045b6f49aa6914b8dd7931615c

    • SHA1

      eda0dca6d82396a461d030f7abed6eade8e0998f

    • SHA256

      181e46cdf475cc32884a2b2b1e6a268977f3f3c2b6b148a6f5a61473178125d9

    • SHA512

      e1116fb6ad2a293bb4efa0adf3e7a5d9eed4ea57b3da8a4d8140e71db3f16ec8cc7f8a6a170b73ca23f191c932df935ebe6e80a3ed8c3db79f15fee6c0f77614

    • SSDEEP

      6144:m3b5YW9Uq/E9gY/7B5L9NU9ez5YjzedK1A1B7auC+l4HA7MbIR7WmP2w7:Ob5YW9Uq/E9/B5XU4ymk+l4gIExWmP2w

    Score
    1/10
    behavioral9

    • Target

      cache/tmp_897/tmp/recovery/lib/libcutils.so

    • Size

      54KB

    • MD5

      50049bb2effa824cbda9f2264a692d34

    • SHA1

      bdfcd24c861a0ae4ada6a7aad71c9b58a47f4608

    • SHA256

      c693c3fc627dd6c9320bfac6cfb9cda86a658a04e5cf685660bf493718d572a3

    • SHA512

      b3ee2ceb1f5d6d42e93fb5c2b107a42d3d56c0ea31e63da30d5f84933212089b8e62372942e900a0b6665113973c8e63173debcb22b30f6e527de5fa50cd8df3

    • SSDEEP

      768:kmzIA0vzQLKgn8Vpz0hmdQXDcLslNZzkq1q57vwfCn2pITWN+WwbO8JrdxwV:HIBrpi5F7ZzAb6C2pEOgdxI

    Score
    1/10
    behavioral10

    • Target

      cache/tmp_897/tmp/recovery/lib/liblog.so

    • Size

      13KB

    • MD5

      6f333ee202bbe3aa10eaa42ef501b823

    • SHA1

      302540b5fb5904353c7a9aebfad97198fa3cc389

    • SHA256

      03aae94a45ae3eab92adaabfce9e6694a36b624bec4d8a15afef5721acbe157b

    • SHA512

      6d77d0a28c9440a9016bbe29aee514b2ea7029cae61abe1dca44370d5235a92238cf0aa20452f39a245cdbe067afffb2d7eb85f4e55abdec668741b694b75a6e

    • SSDEEP

      192:h1sNOYHw2BQnNtHnR8KBswwbj5SFOPT6LzgL7jKdshbHpRnzN4OUC:gNOYQ2BmNtnuKBs9jEFFm7jKuJRnp48

    Score
    1/10
    behavioral11

    • Target

      cache/tmp_897/tmp/recovery/lib/libm.so

    • Size

      89KB

    • MD5

      f2888fd650fa2a0f77e6307db0c23405

    • SHA1

      d15d155649af85305c4738886f94acbefd5f4cc2

    • SHA256

      7ef0641cf806c9bf784caa34c8a11b58f2b863c16d1799d112d80451321b6bfd

    • SHA512

      64daccb02d832ea76f32cebc89b77dad277164a0625965685a97a43e6f456f72b94f3fc8c4106334864bf883f46feedf2529bddbfec120a75585eb417b80b560

    • SSDEEP

      1536:LkVVLyaORznJ5S/J0icVUCX+VbgRAmRBUJVsUJD/ij8ypMScLDWZfuAiIh:E0acJ5S/J0icVUCTbRCjNyOSkWZfriE

    Score
    1/10
    behavioral12

    • Target

      cache/tmp_897/tmp/recovery/lib/libstdc++.so

    • Size

      5KB

    • MD5

      121a068e8513a065f35abaffe09c74b6

    • SHA1

      bd50887222d9a03ed683bcc94525b32b1405c0a7

    • SHA256

      902854c82a5eb35b0117736e736a1b70b5dc6d6ac16d77edf4a536093704ed90

    • SHA512

      16062019801b4d102ce94121c88242487f07be32ad88b19681d0ba91f4f7951c322ed0579481a9d3222a8672bb2297a04c46a9c50ee25ec97b4b57cf86fe3eb2

    • SSDEEP

      96:1tSb9hriW0oPh1j1KDv0Voy0WJm2YCLKdxu:1ti9hriWpPhx1KDv0VpF+K

    Score
    1/10
    behavioral13

    • Target

      recovery/recovery

    • Size

      420KB

    • MD5

      e1a260a49036acc20e8adaf81e907b8c

    • SHA1

      04c017f5a79a6519bb0c9fe8bff7b2fb9ae85c61

    • SHA256

      6df9c8a5d2e2e0aefdbd4134618c683dd15f3336dced3bfdfcad28df0a5d8c72

    • SHA512

      698809ce5a0fed1eb1d8e53b502cf1999d705e47f11109608fd053c753d19173c29b6463abaf70f0086c3c072aab243c315e47a1347af02031a115ec4c42488b

    • SSDEEP

      6144:lwL/Pf49pPR0dS7BHgbI2Mlm4/4pizmMzxZx8U1uIgA8BRauZIPCl7wuoba6NGpp:lhRdT3lQpM1IQCl0uobaNpljTgpo

    Score
    3/10
    behavioral14

    • Target

      u960_recovery_5.0.2.7_c4_cn/files/zergRush

    • Size

      22KB

    • MD5

      e0355dbf83e9bb67a47e69d7b79c1277

    • SHA1

      1c1a2e6261537616b7622f642db307510a954749

    • SHA256

      7b16f3438988f0ad6d7d29d6b4e342c7eb956d59cd2819661d5cb44fb293aea7

    • SHA512

      da5180cdd7b71399a7587af6e3c30bc9a02e6e89e0a3e33d4fd7ed18e600d4d76a5a6f224ece48fd214bfa51fccde9933819509c4f4cd8ff7a09d7607708bd35

    • SSDEEP

      384:y6PlYzottrNiB+g8J/9eaZjdw9c9shD2G0:yUYzottrIB/m40GOahD2

    Score
    1/10
    behavioral15

    • Target

      u960_recovery_5.0.2.7_c4_cn/安装recovery.bat

    • Size

      1KB

    • MD5

      9f692dae1af3ff3c975914696613b510

    • SHA1

      7668f4629b7c6c32264f734be3e9fce6a79c17e1

    • SHA256

      e2501b6c9a488485aa10720a36f4bf1e08e55c1802f0ef6dff7747b2cd94b3da

    • SHA512

      a5afc7706d0c3b99fcd59ec017984f28afa40d2f61bf6ccc490637479733bb6a57d1cec3f01812178d42316ee2d66506b7540f9cce76db4c51274ca9206a79ae

    Score
    1/10
    behavioral16behavioral17

    • Target

      u960_recovery_5.0.2.7_c4_cn/安装recovery_adb_root.bat

    • Size

      1KB

    • MD5

      956fbc475909c893ae08a26f0af7e2a5

    • SHA1

      36ffab5d36e9127f946addb166933c3a83f40040

    • SHA256

      eeee5e8e83ff8a023a4212e2b30f31b85d455b8774155e5707507751de08348a

    • SHA512

      ec37b91963aa93f26c9c80e6e75aa612c857d40f536c31840152af0b61527bde77c11f3142cc98ea2d853ceae2189cfacf2248e09b83bd6b380b439befaa8aa3

    Score
    1/10
    behavioral18behavioral19

    • Target

      u960_recovery_5.0.2.7_c4_cn/直接启动到recovery.bat

    • Size

      472B

    • MD5

      e341d705e68739d7b145625f2b92a3a8

    • SHA1

      0b2e0b1dc8f03d963daca66d7f6aacd626328188

    • SHA256

      3bb94a13f78a15798907d3cf7aafb7a8e61ecbdd109c9ce876312f6f2394865d

    • SHA512

      43f739d79e8456b5cc71003841c46b7673eb6a531c7f94681d634a0ad9af14007e93851ad49ab3256a38f52d0b6e66c7b20a0ed5b2b71a45db47f13aa6065ed5

    Score
    1/10
    behavioral20behavioral21

MITRE ATT&CK Matrix

Tasks