General

  • Target

    NovaClosetCheat.exe

  • Size

    84.5MB

  • Sample

    231230-rxx4ascde9

  • MD5

    1c771b7beced636731f297820c9396b9

  • SHA1

    b908ba323a605c723abb552218f4bb9d522ee75c

  • SHA256

    ebb5d35149b7de84c0483c9071d4412976796c0b76ede033d8b271b72b5eb64e

  • SHA512

    d0f223a711fd02b4df12d8baa32b4ba9e2cd153f2e5edde8524a9b049adf7ddf57240fde4bb6c30e1837910b5a261bafe793ca04935ab96c8393fab92c7f6594

  • SSDEEP

    1572864:aiRiJDePU1e4iamkhLDyPl4QiZh3/tQE88nZGjSYukZg7jaE7pPZNl8W9hP50d:aiRj4e4iadhLDy943r/tQonZODzZgvli

Malware Config

Targets

    • Target

      NovaClosetCheat.exe

    • Size

      84.5MB

    • MD5

      1c771b7beced636731f297820c9396b9

    • SHA1

      b908ba323a605c723abb552218f4bb9d522ee75c

    • SHA256

      ebb5d35149b7de84c0483c9071d4412976796c0b76ede033d8b271b72b5eb64e

    • SHA512

      d0f223a711fd02b4df12d8baa32b4ba9e2cd153f2e5edde8524a9b049adf7ddf57240fde4bb6c30e1837910b5a261bafe793ca04935ab96c8393fab92c7f6594

    • SSDEEP

      1572864:aiRiJDePU1e4iamkhLDyPl4QiZh3/tQE88nZGjSYukZg7jaE7pPZNl8W9hP50d:aiRj4e4iadhLDy943r/tQonZODzZgvli

    • Drops file in Drivers directory

    • Modifies Windows Firewall

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      � .pyc

    • Size

      190KB

    • MD5

      1e4f35e776e3fa81d26fc27154885c68

    • SHA1

      e925f7b68a925cae158f40ca70316dfe4292a1ee

    • SHA256

      48ec5986bed0eef47edb8e63f07bf400de62ae6a5534961395ffb51b30396114

    • SHA512

      a4d4e37bf966c81508933c997486f90b3728d42e9d05ba36728886cb1c490f08ff75be4e5bef4a724b739b78c70d8ccb6111ddb1dc1ed977841a1a048664b12b

    • SSDEEP

      1536:FjEs5wzpizuIRf84IJHBKDzLmYSieWZtBKk3+X53SRG+HMctoFBSuS8/0sL0h8xV:Rd85BKDzLOieWC4nZeS8/0CzLKNwb1

    Score
    1/10
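The "UPX packed file" signature listed for the first target is a static check on the PE section table, not a behavioural one. As an added example (not Triage's detector and not code taken from this sample), the script below implements that check: it parses the COFF header and section table, flags the section names the stock UPX packer writes, and falls back to the "UPX!" magic string that UPX places in its own header, which usually survives when a modified build renames the sections. The function names and the minimal PE images built by build_minimal_pe are assumptions constructed for illustration; they are not the analysed binary.

```python
import struct

# Section names the stock UPX packer writes; a modified build may rename them.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}
# Magic written into UPX's own header; it usually survives section renames.
UPX_MAGIC = b"UPX!"


def pe_section_names(data: bytes) -> list:
    """Return the section names from a PE image's section table.

    Raises ValueError if the buffer is not a PE image or is truncated.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER starts after "PE\0\0"
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size              # section table follows the optional header
    if table + num_sections * 40 > len(data):
        raise ValueError("section table runs past end of file")
    names = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Collect the two static UPX indicators: known section names and the magic string."""
    names = pe_section_names(data)
    return {
        "sections": names,
        "upx_sections": sorted(n.decode("latin-1") for n in names if n in UPX_SECTION_NAMES),
        "upx_magic": UPX_MAGIC in data,
    }


def looks_upx_packed(data: bytes) -> bool:
    """True if either indicator fires; the magic-string path covers renamed sections."""
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_magic"]


def build_minimal_pe(section_names, payload=b"", opt_size=224) -> bytes:
    """Constructed test data: a minimal, non-executable PE skeleton with the given sections."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    # Machine=i386, NumberOfSections, 3 zeroed fields, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytes(opt_size)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000 * (i + 1), 0x200, 0x400,
                    0, 0, 0, 0, 0x60000020)
        for i, n in enumerate(section_names)
    )
    return bytes(dos) + b"PE\0\0" + coff + opt + table + payload


if __name__ == "__main__":
    packed = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])
    renamed = build_minimal_pe([b".text", b".data"], payload=UPX_MAGIC + b"\x0d\x16")
    clean = build_minimal_pe([b".text", b".rdata", b".data"])
    for label, img in [("packed", packed), ("renamed", renamed), ("clean", clean)]:
        print(label, looks_upx_packed(img), upx_indicators(img))
```

Both indicators are heuristics: a legitimate UPX-compressed installer fires them too, and a packer that scrubs the magic and renames sections defeats them, so treat a hit as a reason to unpack (or to look at section entropy and the raw-size-zero first section UPX leaves behind), not as a verdict on the file. To run it against the real sample, pass the file's bytes to looks_upx_packed and confirm the file's SHA256 matches the value in the report first.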

MITRE ATT&CK Enterprise v15

Tasks