Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

Funshion/@...��.exe

windows7-x64

3

Funshion/@...��.exe

windows10-2004-x64

3

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

Funshion/CoreAAC.dll

windows7-x64

1

Funshion/CoreAAC.dll

windows10-2004-x64

1

Funshion/C...rt.exe

windows7-x64

1

Funshion/C...rt.exe

windows10-2004-x64

1

Funshion/FAQ.url

windows7-x64

6

Funshion/FAQ.url

windows10-2004-x64

3

Funshion/Funshion.exe

windows7-x64

4

Funshion/Funshion.exe

windows10-2004-x64

5

Funshion/G...ss.dll

windows7-x64

3

Funshion/G...ss.dll

windows10-2004-x64

3

Funshion/L...an.dll

windows7-x64

1

Funshion/L...an.dll

windows10-2004-x64

1

Funshion/R...ng.dll

windows7-x64

3

Funshion/R...ng.dll

windows10-2004-x64

3

Funshion/S...me.url

windows7-x64

6

Funshion/S...me.url

windows10-2004-x64

3

Funshion/S...wn.url

windows7-x64

6

Funshion/S...wn.url

windows10-2004-x64

3

Funshion/U...ry.url

windows7-x64

6

Funshion/U...ry.url

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d8aa06705b2cdea0517c67f8c8f97cb

  • Size

    3.1MB

  • Sample

    240128-vp9c5secf7

  • MD5

    7d8aa06705b2cdea0517c67f8c8f97cb

  • SHA1

    122210d341de88ce6351297eb3e1291d44b01482

  • SHA256

    4aff974db2413e19562609cfa92f7a0c22a1f392c6b44fc0305740f79f323e9d

  • SHA512

    386b48c0c6adc7b7f1d76a9ae6571cb03ecd82db9f5c8288d52f069ad4516e85b49005397a951680a8416ee5f25e95fab5900091345c1fa298aaf6b562e24347

  • SSDEEP

    98304:DurnisPsaTZ1qMFcR1aj4daPevarVNiKjTulj6:YnijaTfGR2bPCuPju6

Score
6/10
evasiontrojan

Malware Config

Targets

    • Target

      Funshion/@绿化工具.exe

    • Size

      160KB

    • MD5

      a292470ecd345749aff67087c30130b9

    • SHA1

      729e80cd455af87a32277071b967e02e478c3c8d

    • SHA256

      85a8dad4831f4ec417aa9c421b377e472ec9bc1a13a210ebcb7af4b997d8a757

    • SHA512

      199b92b494a326db3f56e6701cd14afc0f9faa8a579fbba4b11f997dba02228e265c642da2c942aa150cd9e8b91352cd85294775215dd549bb380fcf096cc5b6

    • SSDEEP

      3072:RdRY5hG2QC1J/JJwc34OCt4iCSIAql7m3N1KLP39JHVaXKgMfKwwo4vvp:R3Y5RJoIACENSPNPaSwJR

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/ButtonEvent.dll

    • Size

      4KB

    • MD5

      fad9d09fc0267e8513b8628e767b2604

    • SHA1

      bea76a7621c07b30ed90bedef4d608a5b9e15300

    • SHA256

      5d913c6be9c9e13801acc5d78b11d9f3cd42c1b3b3cad8272eb6e1bfb06730c2

    • SHA512

      b39c5ea8aea0640f5a32a1fc03e8c8382a621c168980b3bc5e2897932878003b2b8ef75b3ad68149c35420d652143e2ef763b6a47d84ec73621017f0273e2805

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      107737e3282fefd85684f2fa3df6d1c3

    • SHA1

      3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f

    • SHA256

      21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0

    • SHA512

      439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4

    • SSDEEP

      192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      0ae9c427fe7bbbbf1368c1c6d3933ae7

    • SHA1

      c8e5131613302531c88512dada29a18886259268

    • SHA256

      49437f4b9fd38007f3b2735f0a8a12830b995305c75118b440202980183d5c6a

    • SHA512

      59b76b00f2b0d6242dc5bc3cb36d3ff78867445f502e34cea890c6f493c2adf9b97cec539963204ddd1c641e1a77139f46fc33dec4dc636f4b06d2edffffec6d

    • SSDEEP

      96:vCCshwlpqUsYghN/9uvZ7CLWNCSiiVTQYBGVXRvuBDlSriklbuba1iLc+cEyzo7e:BzqUuh/uLCXIkYBGV9uVlSblbubbwtl

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/linker.dll

    • Size

      6KB

    • MD5

      8450b29ee8d592c208ba1aaf6ee50267

    • SHA1

      75096da057bc85cef63bb0eec168652ea75cf618

    • SHA256

      53aa57e582dc56421c1191a0a9efac9c36960b903b7d825f3b9682605ec2b612

    • SHA512

      d23a3057053a1f36f5eb212ae0b09b9b0b41e50b8a6a20bbc46c12c51199ad0bca741bcce17534488158e8f2b9470dbdac2aa059688b7588a05778c40d461039

    • SSDEEP

      48:q/XgJspkvsIWyuS3fyVLkmqbIWXGuDNcGo+FLtLFSfrPIk2vIhll:4gJsFIWjS3qVomqIixo+9tLFUr4vMl

    Score
    3/10
    behavioral11behavioral12

    • Target

      Funshion/CoreAAC.ax

    • Size

      592KB

    • MD5

      6636fd123e77073c1a07d1ec0831334c

    • SHA1

      39ea6f28d5b30675760f29df68160a81d5df349e

    • SHA256

      e85c1802ae3c7af9b7967ceadaf0504823f092abba04ba912576edbfd421e76a

    • SHA512

      3ac59d1ad36eb1c052c272a11c6dd78dbebb5061b8b79a2a1f0108f8208be7fb9cc8e6208124b12c779e2bdc845882cfd432a84427e2c5c312c4d3275b054849

    • SSDEEP

      12288:8rXUXLyZqsQoK2AyPaGJuVpk+v9LybKslc9OyGs2+eD:SUX4K2kGJMpkwLyllA7l2

    Score
    1/10
    behavioral13behavioral14

    • Target

      Funshion/CrashReport.exe

    • Size

      176KB

    • MD5

      d06c625f3d22ceb1dd0fb60edeeca874

    • SHA1

      977f88291306735dbed3f3167edff5c56b4871bb

    • SHA256

      4306bc4c6c2b7397c88b0a91e64daa201d481e8f00bed9b545d547dd46363f97

    • SHA512

      036f23103e9c59fa038a7132c19978a342eba8a2b30db8362a63e119e49a06606516daaf7b64408158867dc4d72e83e22239879857d796000e61b276099e1925

    • SSDEEP

      1536:lnZ8l7mc8hn+nU9W7IW/jgQhY9NR4LdcPGBGq+/ECwzpBO1E3jr72aU9nToIfChb:lth+8WRk+Bsino1TBfCZw5ux0rwIy7

    Score
    1/10
    behavioral15behavioral16

    • Target

      Funshion/FAQ.url

    • Size

      56B

    • MD5

      d15739018b4c6fe7090cf40a34e8c0c5

    • SHA1

      201546c57fe04ece7452e3c24b452a18b8142c70

    • SHA256

      1d8c255067ce85f76a89b779078801bae4a0f5fff79b2bb4f6ffa76624a76058

    • SHA512

      4c00d30c547b871f02cf99adb197bcc05da1f6fa89a811010edab176ad3ff4824faf530bf8c2a66ff94186ff3fc8ce032442500da7e28516b70686f42adb1570

    Score
    6/10
    evasiontrojan
    behavioral17behavioral18

    • Target

      Funshion/Funshion.exe

    • Size

      2.7MB

    • MD5

      12c92913e1e2f029be52e0f3103c3c16

    • SHA1

      27c755028045ba0304033a68121a255482aa7bf7

    • SHA256

      d1faf8d2282bbe2f15715f703076a145f0c64e3b8c7d2f6f966ad9bcce9f463f

    • SHA512

      48baa2229cc6c63991fb6a471ab3043f877da6b2dbfeb9a1196a2a6237386621ac4f240d2752c463f17a49f3d0d74716cb0f9009ea3d55efef101644a1fb391d

    • SSDEEP

      49152:xJUfDTk1VsrS2tOWQMtXDeN0y7lBnvrOqyd+gsAnT6LAsr:snkjq/DeN0yH6q0+lLAo

    Score
    5/10

    • Drops file in System32 directory

    behavioral19behavioral20

    • Target

      Funshion/GetMACAddress.dll

    • Size

      3KB

    • MD5

      ab29592d8a29cde732fea3b98f6808e9

    • SHA1

      3b5e35a0bf8068a5bdc838247f76295fb42fe9fc

    • SHA256

      93cf8e896ee21770e4177dc65309a61688fef8bc03c59457cf2083cb6876ae14

    • SHA512

      e71d0e572f875a4ff38a83e8d644796eb48181c58505c878c4350ba0b383ee81a81ca04b149c223e358e3d0d69d9a58b9b828b977d6a849ecce2bf3ad2ed65a8

    Score
    3/10
    behavioral21behavioral22

    • Target

      Funshion/LangResEnAmerican.dll

    • Size

      104KB

    • MD5

      4e34ae558dd4d3364f757d4161ae4e00

    • SHA1

      b4d119f2ff69e47ac19eba567d36cc769c1ea2c9

    • SHA256

      ce389207c8fb623bba59d21214001f1f6099b8a4b2f146472583b8844c69b546

    • SHA512

      183d9c0ea1754dd56869e3699e8d7f788ff6dd105b826d61d87d563bbe4489dc3615a0d52d78e9d600becd6f0657f66cda70e3de43ef906608d7b9b01ef0f05e

    • SSDEEP

      1536:Q+2n4lUo5XEG5mIqNAnBK4pmc4RoNJRLN4R:Q6+G5LqNeB/mGNfLWR

    Score
    1/10
    behavioral23behavioral24

    • Target

      Funshion/RouterSetting.dll

    • Size

      176KB

    • MD5

      36373fe050b249b69c1557a88b1a9f48

    • SHA1

      17effb4ba9c59de465fa0030a405309fb02fe0c5

    • SHA256

      bd3ccd1fd0f418a525aedd9420daceb4037d7e29e9118134c6d79008854f9c59

    • SHA512

      3819c1b5ed56724d0f65784a445bd3a5eaa091a7ca28a65c7cd14feac311095d17bab767d1c7bb26e8fa4f599af83033c406180a9ac70a9eb7cba30294994d9b

    • SSDEEP

      1536:EErIKoKCE/djJFHeQwq9t8adQ5CcSdx49fudQ2OdgGUFna3ZP0I/QkpRKzJQ15fx:6RPE/ZPh1xofddhUwJP3pRko5fntLX

    Score
    3/10
    behavioral25behavioral26

    • Target

      Funshion/SoftReadme.url

    • Size

      73B

    • MD5

      0cbf9e7411800f09b1abf3acc9265500

    • SHA1

      34aa97932f3b8f04ed03a08a31d8d5a36b742bf1

    • SHA256

      e7414f9999d118e23d5f7458c932ceee5c59baab956c0f175bf4e64fcda028dd

    • SHA512

      92d5999ce657bf4900f9a22e3461367fe1b47e8de5565dabb81d8b928edd114cc6d8822eb6f240aca0fc783ab0eaf309abd8f624e9f5280ca9718e18f2436967

    Score
    6/10
    evasiontrojan
    behavioral27behavioral28

    • Target

      Funshion/SoftwareDown.url

    • Size

      67B

    • MD5

      a050daf469174fd816ca3df488a72400

    • SHA1

      f681e601e196d9f0dab7733d753fb920db35fe08

    • SHA256

      66891825360b4e2c2501918947ad0b1c772da0f22de62096b39a62d1cb8a63de

    • SHA512

      5234711ddca05ed479bc59f1fa601fe50d49409c92facce6319ae1eeef8ed5abc1c60e98ee1ed670d7b3e2ae12372d28e10e61cf78595b33f620e83449746089

    Score
    6/10
    evasiontrojan
    behavioral29behavioral30

    • Target

      Funshion/UpdateHistory.url

    • Size

      68B

    • MD5

      5e76c75390b6dac8b6a0cfb399ad66ed

    • SHA1

      7b36880732456b8f4b9eb343cfb5c661e52bcbf7

    • SHA256

      b71e4ec8030948b98cb7d51210fcfbe917d560d6b48b0465df63ea3f89c08db9

    • SHA512

      89d6f7556cb8c8ae79c672c7eb172158b780036b9c6100167fbb6a55a5ffb894b58ba9412bdb52e4b1e8400d09a7a970900c10fe1bed7920dfc86d6b00507d86

    Score
    6/10
    evasiontrojan
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

evasiontrojan
Score
6/10

behavioral18

Score
3/10

behavioral19

Score
4/10

behavioral20

Score
5/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

evasiontrojan
Score
6/10

behavioral28

Score
3/10

behavioral29

evasiontrojan
Score
6/10

behavioral30

Score
3/10

behavioral31

evasiontrojan
Score
6/10

behavioral32

Score
3/10