Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8f24ef1371...e7.exe

windows7-x64

1

8f24ef1371...e7.exe

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

client/error.htm

windows7-x64

1

client/error.htm

windows10-2004-x64

1

client/index.html

windows7-x64

1

client/index.html

windows10-2004-x64

1

client/index1.html

windows7-x64

1

client/index1.html

windows10-2004-x64

1

client/index2.html

windows7-x64

1

client/index2.html

windows10-2004-x64

1

client/ok.htm

windows7-x64

1

client/ok.htm

windows10-2004-x64

1

client/view/list.exe

windows7-x64

1

client/view/list.exe

windows10-2004-x64

1

mpvod.exe

windows7-x64

7

mpvod.exe

windows10-2004-x64

7

readme.htm

windows7-x64

1

readme.htm

windows10-2004-x64

1

register.htm

windows7-x64

1

register.htm

windows10-2004-x64

1

repaire.exe

windows7-x64

1

repaire.exe

windows10-2004-x64

1

skinhelp.htm

windows7-x64

1

skinhelp.htm

windows10-2004-x64

1

vodclient.exe

windows7-x64

1

vodclient.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f24ef137125d87a055764dfcd3a1ae7

  • Size

    1.9MB

  • Sample

    240204-pk2jvahbc3

  • MD5

    8f24ef137125d87a055764dfcd3a1ae7

  • SHA1

    11f564f1b3b2b09ece876e73f5b4595387119802

  • SHA256

    e1315710803b96dc996f4a30aa10ede6e428c4d7ae55e848044179a5ef42cc6f

  • SHA512

    6ad15ed84fd95d5290b5aec03adcc33b5c44e0a38dab587e906dd7551452c64077792735315e819d493891a234e0f7ccd46b2aae6a47ec0f0a40388807e1bbc0

  • SSDEEP

    24576:Nb6p8BxSCfZlYKY57KiSYKXwRTIyhwGnGG9r+MQ7vgfdjFrFWPP63nB5Tlamlgqe:R6p8BQIrlirKX4TJwGnGGV/FU6bTze

Score
7/10

Malware Config

Targets

    • Target

      8f24ef137125d87a055764dfcd3a1ae7

    • Size

      1.9MB

    • MD5

      8f24ef137125d87a055764dfcd3a1ae7

    • SHA1

      11f564f1b3b2b09ece876e73f5b4595387119802

    • SHA256

      e1315710803b96dc996f4a30aa10ede6e428c4d7ae55e848044179a5ef42cc6f

    • SHA512

      6ad15ed84fd95d5290b5aec03adcc33b5c44e0a38dab587e906dd7551452c64077792735315e819d493891a234e0f7ccd46b2aae6a47ec0f0a40388807e1bbc0

    • SSDEEP

      24576:Nb6p8BxSCfZlYKY57KiSYKXwRTIyhwGnGG9r+MQ7vgfdjFrFWPP63nB5Tlamlgqe:R6p8BQIrlirKX4TJwGnGGV/FU6bTze

    Score
    1/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      4c7d97d0786ff08b20d0e8315b5fc3cb

    • SHA1

      bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c

    • SHA256

      75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84

    • SHA512

      f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a

    • SSDEEP

      192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu

    Score
    3/10
    behavioral3behavioral4

    • Target

      client/error.htm

    • Size

      1KB

    • MD5

      01a53ae5c382fd8531971e05a63c4c2b

    • SHA1

      04ca764a3aa2c168395caef85c50355c1c7e3943

    • SHA256

      bab650cb25f39911d7d33997b64b41bdd33b895aad6f4c55e8383e124c146f2f

    • SHA512

      c3231455ab9c2d027ed3bb16a122b23d3f97ebdc57fd9f414d365cf3cba36b9ed78dc444151d9897d43d870bdcb36617f83d5e38f61df7bc2917c90395cb33b1

    Score
    1/10
    behavioral5behavioral6

    • Target

      client/index.html

    • Size

      271B

    • MD5

      b113d51a1fcc17304cc2a5fa307edd32

    • SHA1

      58c0aa84ead06da2322b21d627b23f491b47b646

    • SHA256

      88b78976841551d3b26eb7acd41f44abcbdf3b5190ca8ccde82736e027569d6a

    • SHA512

      41c584f35110eb4517681aed05fd3c3099de26200f152b2d3651c54b0649e984f56b6e58e6d7864494497ed38f0141bd200f182ad3bda1514b7fb5c586e6cd07

    Score
    1/10
    behavioral7behavioral8

    • Target

      client/index1.html

    • Size

      595B

    • MD5

      95ed9b20c463b10b13b90f44338f1404

    • SHA1

      8432f377c48431c6c9932a07bffebef656de3fca

    • SHA256

      3a358972a4a29a86a1c71aacb0f2d68d58bc01d091ad26cc5d65e6a55f3a77d0

    • SHA512

      a8158eb9f2ebf833f2a32c15f4939504e5baaeddd456f45288c946e70dd659595afae67442b887f0498472f9445db3d105c5e5485811119f8d00536dfdabf89f

    Score
    1/10
    behavioral10behavioral9

    • Target

      client/index2.html

    • Size

      447B

    • MD5

      f22df8035efbf0dfe4dd66337ba0c7a9

    • SHA1

      54d7c4d6a1040a6b4396443f9e029b4c79cd4a70

    • SHA256

      bcec916ae0ddcd4406bd13feaa54a0b2d1b96f11765c858e4dc2f1c93ab94b84

    • SHA512

      573f1df0369fdc92f2943c9cb970248c135129bc86a87e984a57dfe717f7de52de42584e1ceae6fd6db8c969d2895d88b0f1d37c64c3c6032364eba364f24400

    Score
    1/10
    behavioral11behavioral12

    • Target

      client/ok.htm

    • Size

      1KB

    • MD5

      073f5d80a7eac89f0baa8de7dd1fad83

    • SHA1

      dc915ab293ec8519377b3b78a889d404b60e2dbb

    • SHA256

      4cfde6bfdd629e90acf500a89b15c0f4dc367d0a1a193d56072cb5bd3d399dfc

    • SHA512

      300bede6bdb7a4284154ab3bcd139a9a0eb89ec74c6e3e11896daad61ae7e1a9f537a435531582c879efc4fd74659ffea97cf803e4f5151293c355d7fef47812

    Score
    1/10
    behavioral13behavioral14

    • Target

      client/view/list.exe

    • Size

      147KB

    • MD5

      4efa441935b3c7ba986d29a7ffa0c81a

    • SHA1

      b17ad2c68af2b4c8eaf3bdceaa7aeb318dd3a13b

    • SHA256

      cd32e031d7f34bfc9138062207f9891a68634873867d7aca0bc7aae8e76f466d

    • SHA512

      de13bf84bab18e0da0eeae9cb67bbf4471e6d7621c7455b14be57146a29660aa44ad6232825ba924d60d9f03bd188914a22538f8a513d384015fd9d145580596

    • SSDEEP

      3072:LvofeVkO/aa4O3aPJdZTum+SCZk8VsYzuf74fdwWddDCx4MohgmiiRdbhW:UffO/aa4O3aPJdJCi8V8SD/Mohj9hW

    Score
    1/10
    behavioral15behavioral16

    • Target

      mpvod.exe

    • Size

      715KB

    • MD5

      e4ae853f940f772d11cdb231b8cf2b6b

    • SHA1

      d7d1c028c2639329ea0762ea8df89ccbfb94b400

    • SHA256

      938985ca32df0ec5ff1bbe23389a98bf98733e72fd7d70e5ba9ce3802669a759

    • SHA512

      9dd3330c9ea4033de52771755edb69e6b7ee7d59a2b9ce8f2b2eaa294c41e42f9603e0f58a9893b2f95be5204d121bab9767c70cd5f5b07c342bf058849e5e18

    • SSDEEP

      12288:xhveuM43b+/FyNLgnVr8qSFCF2iVVxPBIdqweL7uzrslvd3:vv3bZ14Vr8qUI+dre4rsl5

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral17behavioral18

    • Target

      readme.htm

    • Size

      49KB

    • MD5

      266cd9130f500489604ddac04323af13

    • SHA1

      912e6300b70049b7e1cb50cf91466503ca6059eb

    • SHA256

      cf656d0f1284c7ca3c3c4568d2fccf145e6790aa474ef06f27e3e0778233b548

    • SHA512

      622d6880b374f0b9c441b7bb1151eca983db5ac09cb647d693b3fddd70bfe320d50b6a81491011938052a3df7d322dc39959bf656049b3f5a486f926f00e4bd5

    • SSDEEP

      768:n2J+2OK1RJyqMOVinJGKxelOjfdy37uI71FIrm5lYZFXNWB1tUR0s:WIEVgYYrkREQ4mM

    Score
    1/10
    behavioral19behavioral20

    • Target

      register.htm

    • Size

      11KB

    • MD5

      ea1b97b2f161e56b1595876832218a08

    • SHA1

      229ecab9cf22ece208810b5e7558377f6b2eb07a

    • SHA256

      2a1ed9f10cae9a0ab793dc178fbdfddc8e4fb953d4aa5a3dea53893b023c5995

    • SHA512

      7b7ac2e9045b2fd697308f398a592bf9615ecca9fa2b74a9989fe2cbdc13e37598087c06de763c9a4adbf053e67d4660b0ba0e3be043e4be0550cc9dfdc5a05f

    • SSDEEP

      192:ecAXDPcknaJ5PBV14Hu+aEytSCLol6NgvMBcUB:e1HnaJ5Plbn1LcvMBDB

    Score
    1/10
    behavioral21behavioral22

    • Target

      repaire.exe

    • Size

      396KB

    • MD5

      1e364ebd62ad0b357d3e98f961f21e9a

    • SHA1

      55fe4a6362c3e3621940c070c32c138351dea6cb

    • SHA256

      5161649c1b9a8d4fa4f3afe2e0f9717804e0781d123f737e9d74f627e2773150

    • SHA512

      58b72741296254571a53a58b488c3b6b7509f607cdc4719a3f50ac7213e4c3623006729a62c155966dd269d02597eecc84f01846efb79e89c8e345accad47b8a

    • SSDEEP

      6144:gX2/l1eRbXGzJrqNDBqf8fcAylr44vl9SziZTpbvFVtEfFFewTUKkK79k9:gX2d1eR2V8f/ylE4DSyTlvFVMUbW9q

    Score
    1/10
    behavioral23behavioral24

    • Target

      skinhelp.htm

    • Size

      5KB

    • MD5

      0c2fb21551b9bab138aee227001d26d4

    • SHA1

      b18d8f87fd12212ed63beb4ab6e00bfe56906133

    • SHA256

      dc54d7ffa8ee9a7875bec2560ae60900317463f268f4adc38e41e1a59669306b

    • SHA512

      dded5c6cd9b22fd9b3c35c3aca5b46695286ac31f3c106680c7b2719ccfacb38446bc769a14a6d24b794ebceb312ee34fd050cf61d88d8542db024e2fca3095b

    • SSDEEP

      96:kbJfmxOfSQvPcFgo1NIcvtKi8ogR2UVMUhV58rf/QAB6y9WHlfWXavg8zY1ZrDk:kbIIXvPc1eaJ87zF8rNYfWXV4

    Score
    1/10
    behavioral25behavioral26

    • Target

      vodclient.exe

    • Size

      576KB

    • MD5

      81ebcc79f7e9cb4de01cedcd04b3d9ca

    • SHA1

      319d6f10ffd4c9df0d25e4c1ae941a227202bee4

    • SHA256

      216f984533df9b9bfc0f081388145a229148e3eed661d8af36604842270e350e

    • SHA512

      5d7025436509a0504e377f3ab74fa52308ecfadbd3f519b3b70e1cce54b146ce2282ec849045fcb0a50a2a927b52ea37da683229e470ca19f48f47fb238ff08c

    • SSDEEP

      12288:Y6XmWsSEekE5deJEjAQOKvQWgqfDqyFC4on72BHP3TulbPIe:Y6XVdPdeJEjARWrfmyFCLn83TObA

    Score
    1/10
    behavioral27behavioral28

MITRE ATT&CK Enterprise v15

Tasks