Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

windows_10...64.exe

windows7-x64

7

windows_10...64.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

10

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

10

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

10

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

10

bin/acyclic.exe

windows7-x64

1

bin/acyclic.exe

windows10-2004-x64

10

bin/bcomps.exe

windows7-x64

1

bin/bcomps.exe

windows10-2004-x64

10

bin/cairo.dll

windows7-x64

1

bin/cairo.dll

windows10-2004-x64

10

bin/ccomps.exe

windows7-x64

1

bin/ccomps.exe

windows10-2004-x64

10

bin/cdt.dll

windows7-x64

1

bin/cdt.dll

windows10-2004-x64

10

bin/cgraph++.dll

windows7-x64

1

bin/cgraph++.dll

windows10-2004-x64

10

bin/cgraph.dll

windows7-x64

1

bin/cgraph.dll

windows10-2004-x64

10

bin/circo.exe

windows7-x64

1

bin/circo.exe

windows10-2004-x64

10

bin/cluster.exe

windows7-x64

1

bin/cluster.exe

windows10-2004-x64

10

bin/concrt140.dll

windows7-x64

1

bin/concrt140.dll

windows10-2004-x64

10

Resubmissions

23/02/2024, 14:34

240223-rxp3paca7y 7

25/01/2024, 16:04

240125-th1a8abbek 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe

  • Size

    4.8MB

  • Sample

    240125-th1a8abbek

  • MD5

    54ecf446aadefeefc670db219d24aa42

  • SHA1

    6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160

  • SHA256

    e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f

  • SHA512

    4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9

  • SSDEEP

    98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe

    • Size

      4.8MB

    • MD5

      54ecf446aadefeefc670db219d24aa42

    • SHA1

      6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160

    • SHA256

      e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f

    • SHA512

      4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9

    • SSDEEP

      98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      5f35212d7e90ee622b10be39b09bd270

    • SHA1

      c4bc9593902adf6daaef37e456dc6100d50d0925

    • SHA256

      31944b93e44301974d9c6f810d2da792e34a53dcacd619a08cb0385ac59e513d

    • SHA512

      7514810367f56d994c6d5703b56ac16124fab5dfdcfbe337d4413274c1ff9037a2ee623e49ab2fb6227412ab29fcc49a3ada1391910d44c2b5de0adeb3e7c2f0

    • SSDEEP

      192:E4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjaK72dwF7dBOne:tn3T5KdHCMRD/R1cOnrja+BO

    Score
    10/10
    kinsingloader
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      26836307758e048d1ce0afe754d6a972

    • SHA1

      23a8f45cf5e2ad78add3c4dd3b3cf15fffced2cc

    • SHA256

      a6919f5f3b53a9c8c015413babe7a9872491a2583e49bb3c261e60785c3c3534

    • SHA512

      aaf7cfbb9c6951b65bd377db401617812f1d47960a01ae99164183c642fbd8f1ce08720bc92d26b642da5433b80720dfcd96280a162decf678139966be132746

    • SSDEEP

      96:IgiqVPb3X8K8Kdr3gEq6nNdMk6Qiw290+q6LDtJ1tk3hhEl7y:IgiqVPgK8K9eIdE9B/t8hg7

    Score
    10/10
    kinsingloader
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      fccff8cb7a1067e23fd2e2b63971a8e1

    • SHA1

      30e2a9e137c1223a78a0f7b0bf96a1c361976d91

    • SHA256

      6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e

    • SHA512

      f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c

    • SSDEEP

      192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4

    Score
    10/10
    kinsingloader
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      acbda33dd5700c122e2fe48e3d4351fd

    • SHA1

      2c154baf7c64052ee712b7cdf9c36b7697dd3fc8

    • SHA256

      943b33829f9013e4d361482a5c8981ba20a7155c78691dbe02a8f8cd2a02efa0

    • SHA512

      d090adf65a74ac5b910b18bb67e989714335e7b4778cd771cff154d7186351a1bebbc7103cca849bdfa2709c991947ffff6c1d8fdf16a74f4dfb614bce3ff6fd

    Score
    10/10
    kinsingloader
    behavioral10behavioral9

    • Target

      Uninstall.exe

    • Size

      177KB

    • MD5

      c44e21287691aa027e367101defaff7a

    • SHA1

      06db2c3e6c67860d1c05c6b26b7ffd326d0983d3

    • SHA256

      87e90ea06dcba7d18f8ee71d4b6890d75a11fdfa8dc66eb78c19a816cc2e17ee

    • SHA512

      d372ab9ed470354545cb91719d88aa4cba55d653fbf302e2517b2074f55af00b66a1a4dd64f2f8c54e3ddaae16b912bc4e7c86e66fca4041a93efa7cdf0de165

    • SSDEEP

      3072:Fde3GHdi4uoF8cGVIhf6DJzRZBYDp0GS1YH29jXUsZkIpiXz7KRcA:Fgsd4DJXIHgTpiD4

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral11behavioral12

    • Target

      bin/acyclic.exe

    • Size

      13KB

    • MD5

      d3ee915aef8267af6a431f87878b97a7

    • SHA1

      fc11659fb95ad8246b891928bd879384f7a7903e

    • SHA256

      805e2e2c04e394e981c6b74001046a1ad672c1676fe0991943ed01e68c84c25a

    • SHA512

      130a9666703580548f424ca54932bec8bdc78240d4b8c0293654fca6ec1872ec4a7edae75264a096c41eeb31a1133366c47b5b7073c7f582646f866ac05ead52

    • SSDEEP

      192:54xaagsre+kG43nYa7EO4a6bzuP3ue8u420fsQ5tf/Dbv:KxPgsQG43MO8k4ZHsmv

    Score
    10/10
    kinsingloader
    behavioral13behavioral14

    • Target

      bin/bcomps.exe

    • Size

      19KB

    • MD5

      bf5116eb6c519339bf6a811ffbdb1b12

    • SHA1

      81b1425f4ec8de36b6c0f2ee82e14c136e299b7d

    • SHA256

      0197256dac208fb6eef90bed19d1c3fdc698cabfa2463beda48e1e0bdbd49967

    • SHA512

      f9e64a296545a2eb01a4c4ebd1098ed43a0851028a02415f447e9fad83a0d7efc1355d91fb4a80c7e8274cd940a40bb0e29b6abea88cf63ffb49f4c6c75f55d9

    • SSDEEP

      384:ObLSqJaJ+VpmswyLtPKt16SV5RiX9TOyos2wr:ObLNi+VpNZPcvV54tTJosBr

    Score
    10/10
    kinsingloader
    behavioral15behavioral16

    • Target

      bin/cairo.dll

    • Size

      1.4MB

    • MD5

      88bbd40e8bbe5ab910358abf1ef273c2

    • SHA1

      efa1a573001f5e97b5d03b7c8c9e93f0055a5595

    • SHA256

      0666a7f0a7c4e5a07328ec12699de10f1fb37ca0dcf48446bc63a5ca5090cd5a

    • SHA512

      5b974cb6a4775ab0e32dc99655cba557d7f2788b4d3dca2d3cfca2144015bbe825a701fe7fd0b5554e9a7ce31dacdc1fe7a47fac2fe2ec4f015b364cca6fc2f7

    • SSDEEP

      24576:flKt11sws+ccfh575V75iQtceAaL9WDgvOuqeFb4c8ZrTMS:0t1Rs+cc/75V75/HUgvRqepsT

    Score
    10/10
    kinsingloader
    behavioral17behavioral18

    • Target

      bin/ccomps.exe

    • Size

      24KB

    • MD5

      70ebee24e79568fb3c9086052e8c6b8d

    • SHA1

      44cc321f6ba2cef11ea486d8b548a66c66fcc974

    • SHA256

      208518e838c031f744aa13e26e53f258c8b7e9e5ce030cf30f4f4be277efa45f

    • SHA512

      a6a34518bd1c2620e58782f6e161bd81af11c04d85d9057f89e9b1ee95564a7a6d342ee3b0cf0888a2bb83296d1b700d9df3060ff24937aee8d793d478cf4403

    • SSDEEP

      384:5A20KZs0kXxq+2Q47XSFRhOkIPKUJCp/a+lAW7nPnHs4qxB:h08s0M7OXgYHPH4x/lAW7nPHszx

    Score
    10/10
    kinsingloader
    behavioral19behavioral20

    • Target

      bin/cdt.dll

    • Size

      24KB

    • MD5

      c5f6c280750ebfa566cddea5ca13e8cd

    • SHA1

      9611cf6620fc3391f4790f647103725bb7e1656b

    • SHA256

      c840bfab79c2d707688bdda7da41ed6d2a830a63d4df6775af45d52c6ef04551

    • SHA512

      d633890f1bfc1db9442cef199198f36c070d1527a816dc7ad0ef9b2ec6d3f3681346ff01741c0cabdd097603c1d970ae153eb4bf4fd1864c4dbfc95abd6425c7

    • SSDEEP

      384:z32N/c5ZvZoeXGPDYIHMivGuAPXo4r4IyF3Ed/rAvrXREMm6JqJOCEIzio9ZNWB:X5Z2PsApIE0dUvrXRfqcrIzio9C

    Score
    10/10
    kinsingloader
    behavioral21behavioral22

    • Target

      bin/cgraph++.dll

    • Size

      11KB

    • MD5

      9188d93b994f504a538f506a2e93295b

    • SHA1

      53752f981723d740f4413a0ed6cf14cc85ac0890

    • SHA256

      f2cb83e8c8822f72638dbd0270b493b41d7439bce117541008141ac09ad9ec4a

    • SHA512

      424ba9944da6378d753ebb5210587e15f385c260b89fb16ae6d5b1462ed145607e87d60d0da8fbf909d8f6dd8156f7a64ef9af0bd65e5b34f2ca5f687062b51f

    • SSDEEP

      96:XNxaRQDKpAB45opyg1TvtsJ+UQ5sPE38Or1ldUIbJGiF+3+lEyu9XCDsuy+fCOxx:barqtwgDb3MORlXS3+lEyyyDsNbfc

    Score
    10/10
    kinsingloader
    behavioral23behavioral24

    • Target

      bin/cgraph.dll

    • Size

      76KB

    • MD5

      509773500bceb707c94da395986e0cfa

    • SHA1

      34b6c423770a8dffca4c0671de97054456cbd6dd

    • SHA256

      7bb96722c6a83129b8c0f0dd99c2c46031bc8ca5eea0facbb6c9f82ca4be1182

    • SHA512

      da07ba0167c58e176995d2c07b5a96d1678fde7910568f333658df6ee6dfacca61c4e331830d30767bbe8649f214447faad2f440230aff37613f96bcd3fb758c

    • SSDEEP

      1536:Pqfq/F/L2rTujauMje5DOMIZFc7/QF3z1xG6B33yS7P:ifq/JaujeiQlnQ/QF3z1xG6Ri

    Score
    10/10
    kinsingloader
    behavioral25behavioral26

    • Target

      bin/circo.exe

    • Size

      10KB

    • MD5

      1585d7f2b5117236b518ced2dc07a9b6

    • SHA1

      b9fc216a5e45730bf3bcccff4221008a69d619e5

    • SHA256

      e92a65d718431793c0166b0071d7c9ed090d98cdb428de0c8c4c3f7e21ee9fe9

    • SHA512

      e05de67f577c9df3ad3b7e4027886e1ed6e2066060a2ca47e6c02dd168433cc9e64e3b67d72c3dab0fce3125d2632b327dc4c237371621ddd2e620c556292f0b

    • SSDEEP

      96:Oi1H40dk3bZPJ+r3tiUTPJRH5copsPajelj8+wEEUnR8mEsQ5tfOLCDbNXjyTQx:/YzrZTA5DeV8+5nR6sQ5tf/DbNXjyT

    Score
    10/10
    kinsingloader
    behavioral27behavioral28

    • Target

      bin/cluster.exe

    • Size

      211KB

    • MD5

      a45ea128738317e6dfde0b98616fa3b9

    • SHA1

      3c31f980b7009c2207ce8cb732d8256e53db73ea

    • SHA256

      e6474857628eb352581376f4502857017b8dbb8b444ccebe9a913f80a922b477

    • SHA512

      ffe08e67a2d1b283cffe0d69b34b4d203eef6641170bdfc399b7091c35fd738065456136ef7cb3bbb81de652943a9400511b5554b6034dffaca56d6091f8e994

    • SSDEEP

      3072:onNqwfgL5yyCyBTyMlNYbVOGXxFFFav3e5biTLcxy0VXUhiQFw4e:KqLkyXBTyNDavibdvxmu

    Score
    10/10
    kinsingloader
    behavioral29behavioral30

    • Target

      bin/concrt140.dll

    • Size

      310KB

    • MD5

      cd12471b295f6a1c66dcc9fc519eef5b

    • SHA1

      dbca64bc390ea30d54c184086f0505fef35cd969

    • SHA256

      573229a07f38ab9d2fc2e1a5b98e9243b9b39100323180c83ad7ddaf98eee46a

    • SHA512

      c8a75f285e12f3e65ea18b002d4661f01ebf54d464fec761917ac09709ff6005f0e15bf76756ccde8d19fe88f096d05df20bab252bb2c26248af5aaad846b988

    • SSDEEP

      6144:1EI93zcNn3dMiBXHxHSSXfPnevwbbeVu00Xp9gznWzgQQf3P2iyK:aIlwNqihUSPPd9z8yK

    Score
    10/10
    kinsingloader
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
7/10

behavioral2

kinsingloader
Score
10/10

behavioral3

Score
3/10

behavioral4

kinsingloader
Score
10/10

behavioral5

Score
3/10

behavioral6

kinsingloader
Score
10/10

behavioral7

Score
3/10

behavioral8

kinsingloader
Score
10/10

behavioral9

Score
3/10

behavioral10

kinsingloader
Score
10/10

behavioral11

Score
7/10

behavioral12

kinsingloader
Score
10/10

behavioral13

Score
1/10

behavioral14

kinsingloader
Score
10/10

behavioral15

Score
1/10

behavioral16

kinsingloader
Score
10/10

behavioral17

Score
1/10

behavioral18

kinsingloader
Score
10/10

behavioral19

Score
1/10

behavioral20

kinsingloader
Score
10/10

behavioral21

Score
1/10

behavioral22

kinsingloader
Score
10/10

behavioral23

Score
1/10

behavioral24

kinsingloader
Score
10/10

behavioral25

Score
1/10

behavioral26

kinsingloader
Score
10/10

behavioral27

Score
1/10

behavioral28

kinsingloader
Score
10/10

behavioral29

Score
1/10

behavioral30

kinsingloader
Score
10/10

behavioral31

Score
1/10

behavioral32

kinsingloader
Score
10/10