General

  • Target: 0e295b3c69a6d5cb87154b6a6451476e
  • Size: 1.8MB
  • Sample: 231230-ewd8ksdgg2
  • MD5: 0e295b3c69a6d5cb87154b6a6451476e
  • SHA1: 1e529b5b9f1f9a03055dc0fa60bafe1f33cb2212
  • SHA256: 25a1ed638307b5c361a117048961fffb5533a2925553a2cb44ae61fc5389c23e
  • SHA512: c96272cdf46f25fc448cfa82ed58216450231abb5587a61742124477f195ed60b8b4e4a0f97809fc1226ac34e13de6e21e586f75eee6f1f90a3e8294457d04e1
  • SSDEEP: 49152:E8cn66NYhXWSiMJI97u0WXccyoo9CtiBNRK5lH:dcvNYNjiII97ujccyYtiJK/

Score: 7/10

Malware Config

Targets

    • Target: 10.exe
    • Size: 23KB
    • MD5: 7d37085597cbb581e7f16f3ce86704f7
    • SHA1: 7d2105b07c191eb59aeb9b79d1381eeebb5da634
    • SHA256: 2fec88c49d917361318ba9b844ed2ef24e9bfef5522308b2438dc4b5e36f1253
    • SHA512: 2aaf2cccf09a47a872f0373a8bb48e9d694192238ac26a5df22e4cc41c0ee2246748ccfa5577ee387700131f497bceb7729dc6b927695501344fb9b87a7963ca
    • SSDEEP: 384:FwA6K73YQaBM5oFIyduoqCG1L4gzjAzk6KuJrGSE5p7Hlv:FamIQaBioFIauoqCWQvBE5pzlv

    Score: 3/10

    • Target: 12DNF小马.exe
    • Size: 18KB
    • MD5: e076485da1aef93f3621aa6b7c05ba73
    • SHA1: 3653395ed051c2524a057ddd3803a673d4ba722e
    • SHA256: 7af91034be743da9149c18584ffeb71cb0db100a15739f6169a5b29755a25092
    • SHA512: fdce6b959d1fd8a1e61379b25d57f0b09c67ba274c9634a301fddefe1cc45ec1eb1b6c158afb37ee8c4e5ecbae14c5c59518dad65210807397c2118c214acc86
    • SSDEEP: 384:IkJcqs0mP5C3SyeTfyEdftyVVhxY+uuyhGy1KSYz:lLhopTfyEBaHxY+uuFVz

    Score: 7/10

    • ACProtect 1.3x - 1.4x DLL software
      Detects file using ACProtect software.
    • Deletes itself
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.
    • Drops file in System32 directory

    • Target: 521DNF-HA(新).exe
    • Size: 1.6MB
    • MD5: 357e8713bd71c96409b70945507128f2
    • SHA1: e382581e46e170882d31a2694954f240ba50253b
    • SHA256: dd0341125e111d1182ba1fba5c034f5b2423458bdf211d1081d541acd1d6d4ff
    • SHA512: 2619274bc024eb7f6ddf0bc75a420ef794c37b187833234dd8af8faaec4b1948a0e795997195202463bdd0130432535676b0b1ed193b7e7156d91d16196ee6e3
    • SSDEEP: 49152:kpJOdoMhVXqOB1evpleM0r/pi0oK506SW:AUHDDvevCMGoU6W

    Score: 3/10

    • Target: DNF掉线数据清理1.3版.bat
    • Size: 748B
    • MD5: d47c0286cfb16c38bfbb8f82c3381fcb
    • SHA1: 81333cff6cf331214413c6b6134ff3a4da353acf
    • SHA256: 292218fbd6ef7bb751ddcba193f629b3268d046ee2e79182f1da64fc1dbbb5b6
    • SHA512: 0646d9cc45c7ca596e3d2758e88002fa661a6a6c4bf07db2dbe9c4325eb9de3dad21c49b1ab37ac73a9cb8908e6cc5b761599f589ac1d36513a447b967471f20

    Score: 7/10

    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Target: 冒火.dll
    • Size: 112KB
    • MD5: 9ae2099c3940fa5a0a48c3869257dffa
    • SHA1: 60baa2301763bf6887296bfd5ef461bc1a183aae
    • SHA256: e24c82390b05446efe5d82bd5392c6d6d207efc44f6e0c870117a5f1720b181a
    • SHA512: f4c1e7cbfe0932e0e0c99eecb827c82c144cd7514ac563f517b2ede3d0c25c2b194adf4ea1105cc4873a20e6bfad81d32ccd913d2ea5c1b3f1298503457d4262
    • SSDEEP: 1536:vOPM3eJ3KYc4xMAzUVQlrRrzPiQN+2gkldlaR6c3OEz5Wro936dbWWwsbPlmGIbq:WP7J6YV4YlPi1cxI5WrYmhI5antout

    Score: 7/10

    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.

    • Target: 查看最新代码.url
    • Size: 96B
    • MD5: 63e27ae20ad17f5ea44cac5b182788be
    • SHA1: 26ddf3def306a9d9f79c6906ca69f42d91570709
    • SHA256: b83b5e37b0ee8d6110c7a304c1296873c9541ce0c6a5c09034c97d9be1293b3f
    • SHA512: 130384899877cf708479ed6324b8a6c1a8eccce631995ee558459da009eed0866561f7fd03df03f68a1e26c2196b76efb8595deb49d9c3885a0ffd48e3aed5c2

    Score: 1/10

    • Target: 觉醒.dll
    • Size: 112KB
    • MD5: cee8a9f36b32a0429e0c5bbbfaa0a62d
    • SHA1: e67d6847b1f021bc1fd3b7af50812b68f09ce3e2
    • SHA256: cad8564c059307359d0d6e43cadca1246d9637ce8412239c4b4da4e734d3d676
    • SHA512: bb6a7b7de0ea982d2cfef0866891483c316b66698b175bdebafe6a9b28bd490c9c6c0471ad5390a7278fe0dd98f6a3936f881122b72889b4eababfb3f6649efc
    • SSDEEP: 1536:FhR3GCq9YNyGUTbVOgVij9GcaE1+33R0sR3hOlL4lqNgDl4Z+Dz3LLnq9e4nouy8:jQCq9YNb4ij9GjEo6AOOme8Inq9fout

    Score: 7/10

    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.

    • Target: 风暴.dll
    • Size: 112KB
    • MD5: fc6abe71583729f07a5ef6ff9cb04b6c
    • SHA1: dcd8001a3beb19cee3b952462b3c2975c2caf172
    • SHA256: 0ddd12750d0614132c5665305eb0c6333239b8af63034091c6bf2364e170c9d0
    • SHA512: 0281e195f1fc96588a7f9acf7c1bae8af372362eed12c9d7ff441e96f5c5f245206ed43321dcaaf71303b40e25a069a60fa4b4d1000680e8b5c129f77d5b8160
    • SSDEEP: 3072:bjMom/EgVokvF1IfMDtEoUHgGSVYRlout:XMdcgV1vPoMDtEj9SkoS

    Score: 7/10

    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.
