Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

npp.8.6.po...el.exe

windows7-x64

3

npp.8.6.po...el.exe

windows10-2004-x64

3

npp.8.6.po...ad.exe

windows7-x64

1

npp.8.6.po...ad.exe

windows10-2004-x64

1

npp.8.6.po...UP.exe

windows7-x64

1

npp.8.6.po...UP.exe

windows10-2004-x64

6

Resubmissions

08/02/2024, 09:22

240208-lcd7ssdd32 10

08/02/2024, 02:25

240208-cwq62adgdl 6

07/02/2024, 17:55

240207-whf9fsac74 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1_npp.8.6.portable.x64.zip

  • Size

    8.1MB

  • Sample

    240208-cwq62adgdl

  • MD5

    daca6a61e1d5128ddf36e0fbce38570f

  • SHA1

    629b61a44b4412a2bd18abc508ad46069779a83f

  • SHA256

    a3a267aa6f5b0ade2e4829ba18a1baa5bf9a622b49767c1f849090d9263ff68d

  • SHA512

    f9d931721bb0099c06ab7cddeca26bb228ac1c0c0e1652fb2f2f9ba0958c75a052e4b54ad350c0b95aa1d0f981d9678bc5b4457a056650ce0932b6401a2a5f44

  • SSDEEP

    196608:+TLcWKqkGTSOwUD4LDqIwOnburMbf/PHU7r3fMsax9WRz:+TAb9OwLqlOpf3UPf2x9WRz

Score
6/10
discoverypersistence

Malware Config

Targets

    • Target

      npp.8.6.portable.x64/contextModel.html

    • Size

      2.6MB

    • MD5

      8f28087d8d0e716368314c2f1a159280

    • SHA1

      7e383ae0f632c02ef98168b6c1a33fd449d6c393

    • SHA256

      0b3731c524e6ba716f15087d85eae7e6225b6b51d4ae2fa6c142ff1523f57046

    • SHA512

      aa21ab18a12a69ff25b24b1c255b0bdc7961985150b07a7f3f4b0909e212295bd781548cd8ea817f3144dfad845aff93df40a513bdb637db7b89bb08fff01eab

    • SSDEEP

      49152:C+sGc1TASKVbmYIBotpg0TunuNeeigv0XIMw4h2pk4PxKS5VinRfepLm7j5:WTAfVbwotpgruNeW0VHhL3S5VicLaj5

    Score
    3/10
    behavioral1behavioral2

    • Target

      npp.8.6.portable.x64/notepad.exe

    • Size

      6.8MB

    • MD5

      ae07a5be89978600f3094c66ac719eb2

    • SHA1

      a281e662b6d1cca0d54cab01a0064b62e7f1f103

    • SHA256

      746bbdd8c754b0ac18a226d2a1cc68792c948033932f5723981a2b5f5684d310

    • SHA512

      d90f42fb42cf2f5f3ca8d25603666a5b73f11fcc3404597b1c023768cf21083abe0d2b19f3ae2499fba469474e818200ca9937b48ee5406f15bd6f9ea3996151

    • SSDEEP

      49152:MuX8nT7KkzbaJ/I1ER5S/qlC1VQHqpyhdRoMSoAMMho/WVEK7yToMoK2w74CS5hg:5/ICR5wPy+elgIXoGJUR6eP4mTr/moG

    Score
    1/10
    behavioral3behavioral4

    • Target

      npp.8.6.portable.x64/updater/GUP.exe

    • Size

      818KB

    • MD5

      e9be0bc06725c372140838245805dc66

    • SHA1

      6eafbbefe6d2b5b6c8fc39dac54881b5f2e61735

    • SHA256

      8038960c66ec29e9ee0f027491c8349a158025faee39d069219b5a3297134197

    • SHA512

      14831f538f5afd80689db24f7536ef725b75ce235a1ccb7f6795440819461d038cede5beeebd28ffbf9618ae984a0f347a9ffe4c0c10da7b914022174a1688e2

    • SSDEEP

      12288:KySK0M5qRxaBr5wFNbgpA0WUVzOR63AczZXBS3CNmBDIOh68ADKbp34zZZ6dNNoq:7qMo2aWqT2KbpIFZ6PNeTw

    Score
    6/10
    discoverypersistence

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks