Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Duplicate ...16.exe

windows7-x64

7

Duplicate ...16.exe

windows10-2004-x64

7

feniks-sit...ik.url

windows7-x64

1

feniks-sit...ik.url

windows10-2004-x64

1

feniks-sit...io.url

windows7-x64

1

feniks-sit...io.url

windows10-2004-x64

1

feniks-sit...pl.url

windows7-x64

6

feniks-sit...pl.url

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Duplicate Cleaner Pro 5.16 RePack.zip

  • Size

    48.9MB

  • Sample

    231231-r8rewsbag6

  • MD5

    6b303d829b33b2e0b5a16f09beaddbab

  • SHA1

    3650efd1ce2bffb3bfbd8c7819d961ccb09919c8

  • SHA256

    b547cc10cba116a3c7a237fa5469fc4cd7351a1ab7edfae4147458c7127aa668

  • SHA512

    faa529cfee9c7f7aa612b2d9a20733656c0d74f801a1988627f12e67f8efb233e5f717853bb5646ceb20f502f5ff8b6ce64be21f9ba84b04714ea0b7cfca44fe

  • SSDEEP

    786432:1XzsdX4VsCjsck73NOYJ3HcBdq6MSr4NFUCmu+AMIdciGQynNcPqq:1XG4V1s979OYNuvMSvtJAMGBGXK9

Score
7/10
discoveryevasiontrojan

Malware Config

Targets

    • Target

      Duplicate Cleaner Pro 5.16 RePack/Duplicate Cleaner 5.16.exe

    • Size

      48.7MB

    • MD5

      ab413f5789c16c5607a489bf608f1036

    • SHA1

      230985872b049138f416642e2c9e2d499cfdf5c7

    • SHA256

      258cafd85557926016126321b0ed7d3df31a728c5b16c16c7da1744fcd0415bd

    • SHA512

      2c36b9b6215657cd4923222e271ead27c691dad36ec60bcbcc46ce63f1b5d5c83338dfc8f60312295068739ef25d9a523a165e4304ae3960f189b0f7ec6cbcb6

    • SSDEEP

      786432:T3jWdZevCMBksIblng6Fv9MPHw6GQnEdTg6KIIs8qJ4EogI97YDW0:T3gev/kZbFg6BynGQ9Nds8ELo9qt

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

    • Target

      feniks-site/Czat DISCORD Feniks-site.pl-klik.url

    • Size

      181B

    • MD5

      1eb0258474dc753aa3312ea7b89e5f50

    • SHA1

      f930a3abe8469c8f722a9f9978a88c5af52d34e2

    • SHA256

      720db2c5e0bd83e3d85f461646d1d1fb8d2b26e011131825306d7b0a7b049d2a

    • SHA512

      867b226b0ae79100d33eecf450b54ba4acd72e3a0976f06a643c3ab3a9c9af492ce54082d2aad4e730e303806fcea50e3e27109dc51dbaff8ba47cfec394d431

    Score
    1/10
    behavioral3behavioral4

    • Target

      feniks-site/Feniks Radio.url

    • Size

      127B

    • MD5

      82f4afad8279987c34a679185889f83c

    • SHA1

      77ac37fde8659568ae971ca04ed87c37b6c722b7

    • SHA256

      1c636aa5e8d08d045edf61ff44b571d15279f608cf1365de0cb67d6dfa758dbc

    • SHA512

      fbee7001aa5477610d7250b2d3c7c309edd11767cac4da5f45feb06fad3226f7dd1f6e371c216b1e8d69768446fa1f6e20b10a14403f49fb858b41a131daddf6

    Score
    1/10
    behavioral5behavioral6

    • Target

      feniks-site/feniks-site.pl.url

    • Size

      129B

    • MD5

      257ea776cc82c3289c9d6cac68021c04

    • SHA1

      f1777f0290e9a4ea32950d50d5bb04ca2127c79c

    • SHA256

      2a05e363505b5b47eb84568b45bfc82b20b3f8121bd8cf4af2a3d5b065b4c06d

    • SHA512

      b704cc1084f9290037fa08b25b24867be3f228b4b32f9c7b56d9795f4a3b94f1f268064c133321dab94dc66d0df6c29917c6dfe728b74e63e70d8da92318eb03

    Score
    6/10
    evasiontrojan
    behavioral7behavioral8

MITRE ATT&CK Enterprise v15

Tasks