Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

KeyMaker.exe

windows7-x64

1

KeyMaker.exe

windows10-2004-x64

1

everest.exe

windows7-x64

7

everest.exe

windows10-2004-x64

7

everest.chm

windows7-x64

1

everest.chm

windows10-2004-x64

1

everest.exe

windows7-x64

7

everest.exe

windows10-2004-x64

7

everest.url

windows7-x64

6

everest.url

windows10-2004-x64

3

everest.html

windows7-x64

1

everest.html

windows10-2004-x64

1

everest_bench.exe

windows7-x64

1

everest_bench.exe

windows10-2004-x64

1

everest_cpl.dll

windows7-x64

1

everest_cpl.dll

windows10-2004-x64

1

everest_cpuid.dll

windows7-x64

7

everest_cpuid.dll

windows10-2004-x64

7

everest_icons.dll

windows7-x64

7

everest_icons.dll

windows10-2004-x64

7

everest_mondiag.exe

windows7-x64

7

everest_mondiag.exe

windows10-2004-x64

7

everest_rcc.exe

windows7-x64

7

everest_rcc.exe

windows10-2004-x64

7

everest_rcs.exe

windows7-x64

7

everest_rcs.exe

windows10-2004-x64

7

everest_xpicons.dll

windows7-x64

7

everest_xpicons.dll

windows10-2004-x64

7

everest_zipdll.dll

windows7-x64

7

everest_zipdll.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7292f5cd6a0d9dbd7da3ac8aadb510ba

  • Size

    8.2MB

  • Sample

    240124-vm2waaeae9

  • MD5

    7292f5cd6a0d9dbd7da3ac8aadb510ba

  • SHA1

    601e76adab0e2164ea07c2d46256610a0499491d

  • SHA256

    d2318c86a5b0311596db8142773d0383b3e3897f74499019b20564f51bcb0875

  • SHA512

    380d4ba29e48c2d57c54379a6a5496db4f1726f5f1a54b8c834da331c654d0f2002117a945037cde6bc7d9f105fcaed3541b9e3d26ce287ae76ae0753a26cdf4

  • SSDEEP

    196608:c703m12QHeZ57jWQRb5Yc3q7j8GJf//u9MllOiVrhI+rUisbBE:630QHIQQRlYiqX3JngMlXrQq

Score
7/10
evasiontrojanupx

Malware Config

Targets

    • Target

      KeyMaker.exe

    • Size

      290KB

    • MD5

      e6a582d1dec13ee69dfb58ab753d06d3

    • SHA1

      071c81a13c3996686f9367574ffea0e3bcda97e8

    • SHA256

      55e802b4c88d530492b504dde620200903389c3713405133320cd58b7fd8fcc7

    • SHA512

      4681a30853e501864235aa71deffc052e00310f830193411b17ebb3c9e14948ad347d959dee7ef4991c6ad479b11b195e8cbc5f4dc59b9d34cb0009432edc2a1

    • SSDEEP

      6144:X2gdlb13yImLF20VrdTAJN1GDG6UwP7KZg5lmQs0jNT+:Xpdlh3yI48ESpszUwP7KZF/2p+

    Score
    1/10
    behavioral1behavioral2

    • Target

      everest.bin

    • Size

      1.8MB

    • MD5

      28453abe6db73aa65f08a6f0ff37006e

    • SHA1

      765bf53bfd291ecda8cf44d9505799fcdc5121cf

    • SHA256

      90036a044f1d07eaa54f3973146acbaa679e237631d7e09cbb53995c3bcfec11

    • SHA512

      d9619d3b9c4e6222cfb8a66f0987496a2d69042eebd0a8f994ffed062b028ab7f992dbcab802142a8dd7b70bf8ba3e426e256f44547605e3ff60aba1e8cb6c8f

    • SSDEEP

      49152:5g/62rP0yObIiIWeHxhwD1TE9i/E24JVlinKMGJ4v:32rP0yxiKhs1TYi/E24Dl0KMGJ0

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3behavioral4

    • Target

      everest.chm

    • Size

      1.9MB

    • MD5

      d12b8f2ccf0623a4579836d5f340c0ef

    • SHA1

      90a0a2fc05791627381ea458abf6e918944cff31

    • SHA256

      638576bd3e2b9e6c78b8840e2f15b69b25e91ffc208581341359ffe23e858326

    • SHA512

      81baa67560b8466f8d278709d3350da460351d8956503d01ee5900e4f859dd6e3664123c1f5d0700a5b460155230e7bc331efff0d37df3afa9817c4d827442af

    • SSDEEP

      49152:hyyTB4vnnKofoa2U9MwxpvdVdU9MAMUZpCrmbiwoHf:jgnKog8RFvd/UZoKiwoHf

    Score
    1/10
    behavioral5behavioral6

    • Target

      everest.exe

    • Size

      52KB

    • MD5

      18413b83982e8c1f9f5f79c344d987d8

    • SHA1

      4e08bb1942084011496ff834779a2ffa7596951e

    • SHA256

      ef62146cb1d1cf3077b457247621f29767b31c1be88ba8a53cdaf9919190128a

    • SHA512

      155737c115acf021f0e6ac917f361dd178abe58de90bb6a240858621c0461c09d521dfbc9cbf471faed35e93840f5d6f4abf64bf4d92bea8ceeec3c77dc61c01

    • SSDEEP

      768:iQH/dc2srWMyUX48yBYwAKOl1OAMN25pBI9QM/EiKiywhHclnONlurSL3H/bymD:9H/+HlfwALS0puQMs7iywl6nONlNfxD

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral7behavioral8

    • Target

      everest.url

    • Size

      48B

    • MD5

      34a8aa1f07991b29b918886299bf96b5

    • SHA1

      90b11e21e9cfa5d7929f1aa910703a9dc8c82e1d

    • SHA256

      3e24b3f22618bd99c15227b3868d7d7a6bce3f2c735916bb2a1417f0c9f6b3d9

    • SHA512

      4cc1d3b0b69bb8e093d2f6a6b1f4551a0bc254c43ed8bdb464936a18d925d1ff25fa1b9b781cc66c19c409e836676355f6bce253a9a46673fb37f90e73a51057

    Score
    6/10
    evasiontrojan
    behavioral10behavioral9

    • Target

      everest.web

    • Size

      6KB

    • MD5

      94a337b1691d5402dd83d1cc10f8c016

    • SHA1

      03e8aaa5d45d789fbe9a17139e69e2894f2e1d6d

    • SHA256

      181805cf029e844e23561f4963283ecc2679c091a540bb5490c6882b63a827ec

    • SHA512

      b729fc5f7d0526afd9bd45744baf1caebf8eaf32a8c0fefbda02b76f8f919f4f96f57a63068ce1ac875ee059e31ebac384dd139e5e2e9ebc2678388e26d19f8a

    • SSDEEP

      96:pzAa4hEyC/0+nMg9VbobaXDvbRK8W15gP:pzAQ51MwVbobaDzm15gP

    Score
    1/10
    behavioral11behavioral12

    • Target

      everest_bench.dll

    • Size

      1.1MB

    • MD5

      791b22ed5f0a204c578c5696a8b76389

    • SHA1

      86c7c1a4f945bb16efbbe938b692bb177b6ba5a5

    • SHA256

      652665bd91de8c9302c159c154466f5d4690f2974a4e2e58ac570d4b9e674d2c

    • SHA512

      afd5e1d3b917363e555bb5620075994fdb7d5fe11ca38044aba8eb874ba456e4851089e27fd577827f72fc133b3648e613894f08908b43796062167f8a02e9d0

    • SSDEEP

      6144:nk2pBtHnRrmePgqgYadXRqqVPTmfkeEieQr9hKunIIIAIIIIIIIIINnTBtqkY9Vb:nkc0IEznTbq3jP

    Score
    1/10
    behavioral13behavioral14

    • Target

      everest_cpl.cpl

    • Size

      165KB

    • MD5

      948933d4c8da5e35a05b963d38f995cf

    • SHA1

      5fa07abff2ebdfff158d040bceb887c264df4e0a

    • SHA256

      ab2922cf00ed1594ee094fe8ce5279e21a0c719b1ad20c6f7fc57a612222583d

    • SHA512

      8ceea2b3f60b6222db116cc486b6d404305ed2c2b4a3cfe7ddbc3ac9a850198024243959cdad85f65c96cbfa6b880c88e62e32b6b590f0c6f021c4852de9f9b1

    • SSDEEP

      3072:wZ8uJixPDVXyFsUCi0qt6f3pLUjebI9mTv3Rh3vIdp+S1TTSKyn/9FvAVsFBHIH:5uRMfrbXJSJBG7YVB

    Score
    1/10
    behavioral15behavioral16

    • Target

      everest_cpuid.dll

    • Size

      1.1MB

    • MD5

      a4f84fe939a0528887bc38ba8fa6bf8f

    • SHA1

      06f4835008dab4b1373ff101ae7972f076984064

    • SHA256

      f23614c59d2131b223dd4d0e101be8222b71529910aecc07925c363da9ab2f8b

    • SHA512

      44b1358f8f9b932d7c1ea39c7a1f1abc83dff17c1d1aa786091a885f2a5f6538af96f2ef16adfe6e446750d43aeb76c81e433a831e0a5291bba610a53666e689

    • SSDEEP

      24576:iS+G6AP/9Qy8jfNThmatez3lQwImr8qj+xWia3SMXghCIIDZC3wDiML8bB9t2xCL:iS+KP/Oy8jf1teztn+43ZgwIIwgDitBb

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral17behavioral18

    • Target

      everest_icons.dll

    • Size

      130KB

    • MD5

      b0efd7bf0fbf059a6c09868e9ac46d39

    • SHA1

      11172a51d72e3408cda0500953bcdeebedacdbed

    • SHA256

      4e3b033f8e5775821fc16b2972692a8b0d137806410b8de41b20ac02f23d4735

    • SHA512

      7a6a70206335592a192a66d6a19977a662d218404da40833fb6f4cae7c6c3ccae3b6b38c2ebe33c76eefb8a8de08f7be5f145caa75de6aff05b39d9dfc226a3b

    • SSDEEP

      3072:F77ACNbdmXt8A0HgCVwqnteH3zXHAxVeOqgukdUE0kUE0k0CUE0kUE0Uk0U00UUV:F//d8qgweH3s0Oqky

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral19behavioral20

    • Target

      everest_mondiag.dll

    • Size

      1.1MB

    • MD5

      36a2da8b022567f53d1e729154556858

    • SHA1

      74d646ebc88195201cb29217c42cececaf877013

    • SHA256

      435e6a0d4bf7c466f4ed773db2b18268ac500bc4373ff8f6fd7b60e8efb5f639

    • SHA512

      ad641be98272f2d86443396356079e771222aac882c3782595df5c59fbfe96d5ffb028405f77b339e74a076fadea6b40333c9e952605ab35d12eb65e5256fb19

    • SSDEEP

      24576:I80WZVA0D2waOpSuqFIAYjxRcgIwf/4Si8WhOkUSAn3IhYAcJUtWJFq3:fjA0KJOpSu9BlRcgXf/chkFn3IvcJUc0

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral21behavioral22

    • Target

      everest_rcc.dll

    • Size

      244KB

    • MD5

      3c0bb67318342feac41127ea762e747e

    • SHA1

      af7b0db5fa94c33d894dbc08ea321c00400ccb8c

    • SHA256

      26ef999ae489bafcade92007962ca3d48b3708cb1fbc8b19f4af41e0c6c4e17d

    • SHA512

      cbc7c7895a92121d3dada37cc60208e6692be34355840037e41a229a4374bb44f9078d515cf126e60eca06bc91899e639b817978d3547a90f9544c7faac28b16

    • SSDEEP

      6144:ijo9spvstSt14RGfghhob0sHSkyehnJdmD3Vn0KXu0uo:iyspkSYGfghhehtnJdm7V0gf

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral23behavioral24

    • Target

      everest_rcs.dll

    • Size

      250KB

    • MD5

      53b793f090ba6e1906e2fbea207cf610

    • SHA1

      5166caaee765085ad187408a208a3985f620d042

    • SHA256

      c2348ea8812f05a8817f270edb605e9755c42018e65aa7766b530b7f93af6dce

    • SHA512

      e9e392e1cbe92f2d5881db016a7d95780e11ac2309c941b3c1a504f332112691a492152d34342c95ef758c0b55e5d84b6bd7df5ca87ece944866463bd257c674

    • SSDEEP

      3072:cgOZ1frXmbTDQJ42LyH3eBFu+qkmNCQZ1KsMQ3UxJVod3acfbv5J2RpsFdwVe/3i:Zg6241mFtqk++XQkz2xffwpK/3AI4R

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral25behavioral26

    • Target

      everest_xpicons.dll

    • Size

      180KB

    • MD5

      a41e8a352948b632c9410f4cd3bd15fa

    • SHA1

      dc8bc3e020bb0c1b70b8462848f5b2f053ab3a0f

    • SHA256

      e7e7d1346608322977a4692312543528c8b26387659291f3a731c3fa80de4dc2

    • SHA512

      de02e49d0a6851ff5206e11f0b8409bd8ad49c12f0c8b60c0a04e0a23a376def73e796492fbeacbbbd33578647391922f9d54536192ad9047bdefe0564f2ff01

    • SSDEEP

      3072:r7708bJfTsjZZkeeX03s2nyhspBroBTxUUHAYsLbpQpKnm7HphSwlvFKEqLAsaJJ:r/0sJ7sjOXUn1Lr0eUHADbp30yGvFKED

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral27behavioral28

    • Target

      everest_zipdll.dll

    • Size

      53KB

    • MD5

      c7d5a68623e72f0ba78adc6b2a4463bf

    • SHA1

      7081bdc107a886b1624d6ab0562e016581ae93c3

    • SHA256

      8d5a29273774db51a576f90265e4ec989a0efa29b1111d4f624ad4252e8c75ce

    • SHA512

      93347691e9f065673b864bc2df525d5e65eda3b97ade81af0301cef37ed5eff36211bbf3185730b514a5a68ff843ef03c0977fc6154357160a336922b49d14be

    • SSDEEP

      1536:8kLOf3Fi+XG4i8uiL2A7iGinYUUo6t4PRfxC:RS9Ujo2A7iGinooRPm

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral29behavioral30

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

upx
Score
7/10

behavioral4

upx
Score
7/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

upx
Score
7/10

behavioral8

upx
Score
7/10

behavioral9

evasiontrojan
Score
6/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

upx
Score
7/10

behavioral18

upx
Score
7/10

behavioral19

upx
Score
7/10

behavioral20

upx
Score
7/10

behavioral21

upx
Score
7/10

behavioral22

upx
Score
7/10

behavioral23

upx
Score
7/10

behavioral24

upx
Score
7/10

behavioral25

upx
Score
7/10

behavioral26

upx
Score
7/10

behavioral27

upx
Score
7/10

behavioral28

upx
Score
7/10

behavioral29

upx
Score
7/10

behavioral30

upx
Score
7/10