Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2b439a03a7...18.exe

windows7-x64

7

2b439a03a7...18.exe

windows10-2004-x64

7

$PLUGINSDIR/Delay.dll

windows7-x64

3

$PLUGINSDIR/Delay.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

Castle Clout 2.exe

windows7-x64

1

Castle Clout 2.exe

windows10-2004-x64

1

Uninst.exe

windows7-x64

7

Uninst.exe

windows10-2004-x64

7

$PLUGINSDIR/Delay.dll

windows7-x64

3

$PLUGINSDIR/Delay.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2b439a03a70011aaae44b6b2b56953188c6607d547b7aa3f5d6924bce9ef5d18

  • Size

    1.1MB

  • Sample

    240126-vwbepaaed6

  • MD5

    2f35d56ad83cf6f1d2c0ca2c6c78ab67

  • SHA1

    79dfb7c1a5381b7f6db325ccb0fc107dccf2419b

  • SHA256

    2b439a03a70011aaae44b6b2b56953188c6607d547b7aa3f5d6924bce9ef5d18

  • SHA512

    a405da9eb3d2925105a30fad3431f965a409a0b5dcdd81250dd672775a3ba0609d6fdb70344977e89be94f5df2c594ca77bec16e3ad5e66852514a59b1c1613e

  • SSDEEP

    24576:JMZIwzMpYwyaIr8ur+FNtk9n7QFua7Pi7znxfZbzkScSZgXRaWZIfuB9H5O18L:uJoYwnLFNtWOni7zxRbApSZgXRaWAuBF

Score
7/10

Malware Config

Targets

    • Target

      2b439a03a70011aaae44b6b2b56953188c6607d547b7aa3f5d6924bce9ef5d18

    • Size

      1.1MB

    • MD5

      2f35d56ad83cf6f1d2c0ca2c6c78ab67

    • SHA1

      79dfb7c1a5381b7f6db325ccb0fc107dccf2419b

    • SHA256

      2b439a03a70011aaae44b6b2b56953188c6607d547b7aa3f5d6924bce9ef5d18

    • SHA512

      a405da9eb3d2925105a30fad3431f965a409a0b5dcdd81250dd672775a3ba0609d6fdb70344977e89be94f5df2c594ca77bec16e3ad5e66852514a59b1c1613e

    • SSDEEP

      24576:JMZIwzMpYwyaIr8ur+FNtk9n7QFua7Pi7znxfZbzkScSZgXRaWZIfuB9H5O18L:uJoYwnLFNtWOni7zxRbApSZgXRaWAuBF

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/Delay.dll

    • Size

      7KB

    • MD5

      4602d9a9ed82d646522ead08a58536a9

    • SHA1

      b070bad90e13e85c97bd4e530ca7958c22e36a5a

    • SHA256

      b6691bf37f13e37bfc07d45990092fd9398f7eff8cb1bbad05e528def0307c4a

    • SHA512

      5ebad4e83d411799a25b1e462ac3c7683dd0c973f131eed29131af7a240f92f55e6c60b78f96388bf7c4134941353794d79ef6c91476e8def7e5c803544afec9

    • SSDEEP

      96:fkcYhKlqWFeJ9DekCN3jPpP4DyGE3qLNf:cXKMJRC5BfGE3qLN

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      50fdadda3e993688401f6f1108fabdb4

    • SHA1

      04a9ae55d0fb726be49809582cea41d75bf22a9a

    • SHA256

      6d6ddc0d2b7d59eb91be44939457858ced5eb23cf4aa93ef33bb600eb28de6f6

    • SHA512

      e9628870feea8c3aaefe22a2af41cf34b1c1778c4a0e81d069f50553ce1a23f68a0ba74b296420b2be92425d4995a43e51c018c2e8197ec2ec39305e87c56be8

    • SSDEEP

      384:jQB2ZUVHUxgoJX0eBA6PcH85db+ya9cC0Ac9khYLMkIX0+G5xgZmT+m//a:j/UFeJ5S6PHLNa9cFam/

    Score
    3/10
    behavioral10behavioral9

    • Target

      Castle Clout 2.exe

    • Size

      1.3MB

    • MD5

      8a84afcc7fa2f4d4a1e778be28ee94e4

    • SHA1

      8238e77fab788b1317df44083cec1e9c6fbc85b1

    • SHA256

      05359de3e14bdf07ba899a204d894be2b88e9109d00962671ac5118a43dac722

    • SHA512

      b3c2db777590ba7a73cc4e29de40d6e45fbfcd3c246d1ae88e572318178e6344d3ea940e290dba6a153f1b983dd18209b4f61a3b9e386febc0557ff1625b1c0c

    • SSDEEP

      24576:nhBGEgxCQTOqIkRUOtpzo5TfQ3qXUeZ1p18IXf4RPjUDsiIusqbIM:7UwGTR57zUY3qxZ1gqf4RPIfvN

    Score
    1/10
    behavioral11behavioral12

    • Target

      Uninst.exe

    • Size

      91KB

    • MD5

      4f328289767df4f975169f92c2bb4127

    • SHA1

      1a9a93f3209e2713a6c0cab9a54eb78733e24297

    • SHA256

      1f9f2a47e8c6ba0adac309cd8bc3fa7858963bfed9ad42c669e194ae0eb13743

    • SHA512

      8cd458bd64ccb4636eee355d84519dd9928c51687b59fd9d3e2b38a17f6b68ebd691780537067275c81d0ed05a01e7e59e084616175f6e1192ac01745749342d

    • SSDEEP

      1536:UyZMSZFvknTePMZd4k4kJJe+zR5NSO3gaevfPzG+cZWoAN8GYiutIhy67j21v/hr:jZMJnTeM4cJJe+zlwa8fPz49biueh77m

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral13behavioral14

    • Target

      $PLUGINSDIR/Delay.dll

    • Size

      7KB

    • MD5

      4602d9a9ed82d646522ead08a58536a9

    • SHA1

      b070bad90e13e85c97bd4e530ca7958c22e36a5a

    • SHA256

      b6691bf37f13e37bfc07d45990092fd9398f7eff8cb1bbad05e528def0307c4a

    • SHA512

      5ebad4e83d411799a25b1e462ac3c7683dd0c973f131eed29131af7a240f92f55e6c60b78f96388bf7c4134941353794d79ef6c91476e8def7e5c803544afec9

    • SSDEEP

      96:fkcYhKlqWFeJ9DekCN3jPpP4DyGE3qLNf:cXKMJRC5BfGE3qLN

    Score
    3/10
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      50fdadda3e993688401f6f1108fabdb4

    • SHA1

      04a9ae55d0fb726be49809582cea41d75bf22a9a

    • SHA256

      6d6ddc0d2b7d59eb91be44939457858ced5eb23cf4aa93ef33bb600eb28de6f6

    • SHA512

      e9628870feea8c3aaefe22a2af41cf34b1c1778c4a0e81d069f50553ce1a23f68a0ba74b296420b2be92425d4995a43e51c018c2e8197ec2ec39305e87c56be8

    • SSDEEP

      384:jQB2ZUVHUxgoJX0eBA6PcH85db+ya9cC0Ac9khYLMkIX0+G5xgZmT+m//a:j/UFeJ5S6PHLNa9cFam/

    Score
    3/10
    behavioral19behavioral20

MITRE ATT&CK Enterprise v15

Tasks