Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

AMCAP.exe

windows7-x64

1

AMCAP.exe

windows10-2004-x64

1

SETUP.exe

windows7-x64

7

SETUP.exe

windows10-2004-x64

7

STILLCAP.exe

windows7-x64

1

STILLCAP.exe

windows10-2004-x64

1

USBVM31B.sys

windows7-x64

1

USBVM31B.sys

windows10-2004-x64

1

VM31BPRP.dll

windows7-x64

1

VM31BPRP.dll

windows10-2004-x64

1

VM31BSTI.dll

windows7-x64

1

VM31BSTI.dll

windows10-2004-x64

1

VM31BTWN.dll

windows7-x64

1

VM31BTWN.dll

windows10-2004-x64

1

VM31BTXP.dll

windows7-x64

1

VM31BTXP.dll

windows10-2004-x64

1

VMCAP.exe

windows7-x64

1

VMCAP.exe

windows10-2004-x64

1

VM_STI.exe

windows7-x64

1

VM_STI.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5710c495b83a780b94aef7e4d4365423

  • Size

    2.0MB

  • Sample

    240112-v17cxscdgj

  • MD5

    5710c495b83a780b94aef7e4d4365423

  • SHA1

    6cf2ce5fff165da27291298d7eac7bf7c9d31f17

  • SHA256

    7de34b228cc9adbba044a0a12c86e025e590f667e886f2f94c7d21c159b3b314

  • SHA512

    1b7803d6e3aa2dea4b0c457ef10631c02456ca23486931157487d0e9230872ef2ce7142429afa4945217c16e8d076dd080f4c79ce73db042347d1da412cb52e2

  • SSDEEP

    49152:+wVHKAxZb9JcDoJxDSh7DPtPtvdiouT/dD9QHmg:+Ab9ooJhStPthdiouRBg

Score
7/10
discovery

Malware Config

Targets

    • Target

      AMCAP.EXE

    • Size

      48KB

    • MD5

      d00a7c6dbc76e47faa218d1fbb9f6efa

    • SHA1

      414655f468420dcd6bc44eeeb155785b7be09ff8

    • SHA256

      436b39fd6089f38070298b8e1352821544e2fab8a4aae4fb6404033a8639802a

    • SHA512

      1efb71cb61fe1c71711522d15460375a79ab4ef2455bb59cad4cd1bb6a73dd296cc64e7f67a87bc7f1bc9838f923b4e84bbd5db5e7625347969164a5aa5d3c28

    • SSDEEP

      768:dN8lIHgzLrrWr173jgAUsD136Zmt6o2c8G1ERUyOcg5:dN8lIHgzLrrWRvgAUsx3OE92TRN

    Score
    1/10
    behavioral1behavioral2

    • Target

      SETUP.EXE

    • Size

      1.9MB

    • MD5

      3340bab1c2c7a13dd12e9376dcc5cdc5

    • SHA1

      863ef53a424112eb4387f36c1c7a72910073354f

    • SHA256

      b75ec66a93df2eff82d2feace99d7e1ad3972258eb5294c0aabb144a7c16851b

    • SHA512

      81e4b755a18d9407382b36dd2fabdc759a55b59b23e9ca7ff46c9b16cbaaedbaf70887bad302ceba0e6c679006fb97f1e8dc2a76b9551427ea1198fb4c5a7ab4

    • SSDEEP

      24576:mDdU+YdDjh2vZpRgebJB4Qf+8Q173lQVKjQ3Ouka5T7bVdgX5+GbQ50of0HlRLZo:0dwuFW8QdywPubv4p+8i0ofcpV3o

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral3behavioral4

    • Target

      STILLCAP.EXE

    • Size

      52KB

    • MD5

      7588b622db990e56120317f5ad012a17

    • SHA1

      a45fc4600ee5ace32e84e59b2651398559b21a9d

    • SHA256

      3dd5391cb55dc5f821a50434226935fe5990a030d3e9699ff67389b579ead794

    • SHA512

      960141a44c2e41faded021efe054fe66f0c42cefd3811a3baa818e8ed4a0d9967c7e2d3ae96e11e384ba5514837ae81b6cfa1f76fb934966b14cefaa079b9160

    • SSDEEP

      768:4gnfTKvP6HZX5YJhPrQvhpu3f0RWk3q5KpC7QZ:VmAZXaJhja2bNKpI+

    Score
    1/10
    behavioral5behavioral6

    • Target

      USBVM31B.SYS

    • Size

      88KB

    • MD5

      db56abdf7708c78a6c9269791d878eef

    • SHA1

      943f44498526299d1c166e0d45e2aae9da63f0e7

    • SHA256

      a998c698f872d14fb43c7d50830eed080f3ecc87fc7b2103a8a90e13d46d1a44

    • SHA512

      77add8ea1d26259a8b6a57d827cf94dc7e55ff84cded1efefa9adaf66e50245932d7b2436f56a0c3370046bbca14516ea085085d2916ce7ca729b8af5f713a1f

    • SSDEEP

      1536:65qQ5hvCchu1D/7gdYitoIQX2dxR77GnSvqQJpEmiOOWjZe:Ohac8Z7gHtlQX2F7GnIqQJpE5zue

    Score
    1/10
    behavioral7behavioral8

    • Target

      VM31BPRP.AX

    • Size

      156KB

    • MD5

      c93d4d89e40288d54edac2a9e8bd771a

    • SHA1

      d3edcd8402873313e45a1f7c1c3e860325cebe35

    • SHA256

      6607fa2e606b4b42bb8a1d16b3ad2551258156366986e8279e5b65f365a2680c

    • SHA512

      19d07b216d6ac898f68ddbc0f5bf1726d6f0d5ebbc2a8e039617aa83bfead27d455271a1deb475f86c41467c027266553e3a295c090f3e8e3fc1166cd9eac6f6

    • SSDEEP

      1536:G3NSRZ+dYCBCugD5BJdta9eZEdKdVHCEp0NxnAn3r:m905BdjZ0uVHjpexnAnb

    Score
    1/10
    behavioral10behavioral9

    • Target

      VM31BSTI.DLL

    • Size

      60KB

    • MD5

      345e7d466d86526f998367038eddcf29

    • SHA1

      9cf4020395bfad8601cc995db83d638203f28c1b

    • SHA256

      5115cb1fe075f4b387da9735c21629008b727e665a92216f93b3dac96f031408

    • SHA512

      888c832c2669b56ff9ca54b9a4a5aded4c9ce650cf15bc713920fe696d51f17c4f95d7298d0b495c0e5d9a89d6eb1fa2881ed90898133e915e744c4c01567246

    • SSDEEP

      768:/EeKC/Ktjd8LotzaTqNLaHAgPQ3i3xEw1hRSaSoREhgl2:/E7XaTqNuHAg4KEWhCoRpl

    Score
    1/10
    behavioral11behavioral12

    • Target

      VM31BTWN.DS

    • Size

      76KB

    • MD5

      cf82126e17c683c6c8777cecc3d817db

    • SHA1

      c5826f770fc2a4c7fdaf35a2604137a34e4d47f3

    • SHA256

      1fa0e406b60efe1d1eb0dd25492528764d683133ab83afd6b0d3546277e6dca4

    • SHA512

      045bfd90ddddfe2230f3a8686eff3040d9bd326c52f5cc4013072c60a4fd7d717f728a98a3dc35fbe41c8a85fc1cdeb25564ba7274b76ba05828583d2ea129dd

    • SSDEEP

      1536:GTG+zHnplBw/LxC2KMP7tGv5eOUL5CfMWaKga/DaBa4a+avajaoSafaLt:PLxJ8k90J6A

    Score
    1/10
    behavioral13behavioral14

    • Target

      VM31BTXP.DS

    • Size

      84KB

    • MD5

      d7ae54a6fd9b68bcb2a94d6184e01d1c

    • SHA1

      6a3bc9efec2d2c6ca29c7eb0692f8b2c02ba45d8

    • SHA256

      151151e8f439c89790c5932f877e0d5d7d25492dc6d11eebc23ce371bc8b7ce6

    • SHA512

      7727cd2e628cd9692fa8d21bafd49dae2cdeb4a7dd5e2b5abe573fbbde902ecb417e8b6e23084451775856ee19b5f96acc266def18f12278e4d537c3bcb2c8dd

    • SSDEEP

      1536:ptUwUqOWfriefIB4CybuVsP7tGv5eOUL5CfMWaKga/DaBa4a+avajaoSafan:7UJWDG6C5y8k90J6O

    Score
    1/10
    behavioral15behavioral16

    • Target

      VMCAP.EXE

    • Size

      144KB

    • MD5

      5f0deb3236adf03c2e419316afd126b1

    • SHA1

      d34e539cf5b0de68c0b7416254a720a3d4fe38b2

    • SHA256

      760c2944ffeedffb1f86eba4c63d58bdb80a95480b3f4c15d5a8104aa137d03a

    • SHA512

      764016abd97f51f12a49c942201e084061e56e0050caf737e85c14890fa4e3dc841a073ef013c5ac1b1f88f04cfbb1aa88ecb84e5d712aaf6c44cb5540ea8b18

    • SSDEEP

      3072:R2sRnKDqxaGxDazNUOjXQ2Ar1OhmuBKxQkAep6mIpcfioGj:7LwGxDvOjrAxqp4p6Bq

    Score
    1/10
    behavioral17behavioral18

    • Target

      VM_STI.EXE

    • Size

      40KB

    • MD5

      e71915dd1608c0864124bf45cf715a08

    • SHA1

      deb7c886195b53e255b0ee7c63aa5188774c4526

    • SHA256

      519b13b311928acfdb3c30640e6a1ac67a38946c2b66a69839fa31251fb6dfcf

    • SHA512

      69627da39f8c4d250f485f4134dba22c12be9044d9d1b27dc319814c52218c6ff10d86ac7cbbcce7121253c31073c29bd33a513c0b8c975dbb7d76ae16017bd1

    • SSDEEP

      768:355IoHgL0wt1gu7l7l6bSwknXnDsOoqM:355Xbu7Rl6bSJFov

    Score
    1/10
    behavioral19behavioral20

MITRE ATT&CK Enterprise v15

Tasks