General

  • Target

    LS.zip

  • Size

    87.0MB

  • Sample

    240220-vc6fqabg2t

  • MD5

    3c43e2715a1d022102a3f48599872f0e

  • SHA1

    3dfde25f01e2779b5534783ba5315c21213f384e

  • SHA256

    06facc14817d842d2d67c7ecc33fe4013cd5be7aa73efaebf75806b5b42bca80

  • SHA512

    7547b32187189ebeb04622611683a8fc907f267e07696278008d9173bed4186d25c4ae433000712eb4b10c372a4a33bdd3f475f798fcc8d8571fe1e0715ef9da

  • SSDEEP

    1572864:tShstEZiZ94yZRBP9dsdzmAA0dZ1b2nXM6z0IoDQ5KLhtKPM:Wsqi94y/Bl0zhb2n8K0hDQ5CvKPM

Score
7/10

Targets

    • Target

      GS/Europe/AA.dll

    • Size

      15.8MB

    • MD5

      efb16615195e41cd8097d93c4c403287

    • SHA1

      0451fa86ab73604c16ff88d338e7f8bf4b28a907

    • SHA256

      a15256f99a7b80a9d0387142a65892cb13d097416bd491e18fffd17ab1c0fb91

    • SHA512

      1e0e0ca9fff3c964dd570655c73e28f1f2ec9c2ce07dbce089ec1d9af3cd74e5c567d4ce58332d7536e18c5aa5aa3f0ca7581f82cea096c97bf02f769af5d04d

    • SSDEEP

      393216:eyDxQWpek58pQmSXtLaYq/BXILnRi9J58W:z1kF6oknRi9J58W

    • Score

      1/10

    • Target

      LS.exe

    • Size

      15.0MB

    • MD5

      ad593ccb75068b98a94bf140912ab23d

    • SHA1

      443a7734af66981fe7cefc798e51341bb4c1f913

    • SHA256

      0b9376a07972ae9b6af9cf42e2b6ce583b82ee9b92f1c791698bee2742398513

    • SHA512

      4203339030a41e2d84b2d19598adc30c628a7640ff8564283bf79b39b0d157c4d6eb1b92611c2b7fe96bb5023dab3e2c899fca78e425df5539c1ee6dc295010e

    • SSDEEP

      393216:YISineJKCvy4sQ2nE8kZle7bRorWMFPlL:/lecCq8IHCe79or7FPV

    • Score

      3/10

    • Target

      LS/LS.dll

    • Size

      7.3MB

    • MD5

      0a7d1a1cfe20128cb38c0e22453b2d91

    • SHA1

      61ac81d4ea9d6934ccfbbed86e886fb6b201ea22

    • SHA256

      b876b423eb5cd4f6d541d0761ec9871094e12dc5b75d25e8f657575951064972

    • SHA512

      fe369ae6973a3f421fa7b517bb96ecae653d9739715929eccf53fa189756b834c882ba78635b7a2d8c721cb1f13fe94001d034379dcf0c14412bb9fb2e0fc0a0

    • SSDEEP

      196608:khV8POCTaIGxRjGmIEjKVK1bZgh0m7+xWCkg9Jrw:khimCTaIGxjsKpZgx7+xeg9JM

    • Score

      1/10

    • Target

      LS/LS_Process.dll

    • Size

      5.1MB

    • MD5

      6f93a29c91a1c0ce82822915b47d8743

    • SHA1

      d192356d1358a127dfee4cd320334e774d6f8e5d

    • SHA256

      0faf5b7d35fbf67a0697f6d44bb6a550f429ccb9703e213913cfaa6458507550

    • SHA512

      9763b2062821bd519003326c1d63e9eacd02842a831a1ffd7fec442c0a06938b9aff4be3c63733a7e92a053607c9dbff0478a243f90d5134722b2824ac7b577a

    • SSDEEP

      98304:sJCHD6MVsn6dsEDLhVcrICsB8aLtBmqFBhylORZHxsjp9FRqRkz:sNMA6ZhVcrM//puYRsd9rqRkz

    • Score

      1/10

    • Target

      LS/LSload.exe

    • Size

      11.4MB

    • MD5

      101438ab4fe1a97799c73902876004d1

    • SHA1

      e04694acfd96daef068d1679fbf8f618fae82381

    • SHA256

      75c7514469f0ebed66cf5aecb6d5c3960e2d4907e0d31314129c44302c87b813

    • SHA512

      932602b23ff433a763bd62a4e24754f11bc8c1ccea2e1a55a8fce1317ee430112c45876ae558c1eb638ce3d00620cbd854fa55d1f19ef5528b27df3174f921f5

    • SSDEEP

      196608:Q04e61iSoHWd05G7ydBAxnDHzxoM1TR4K1mlS0kVAR0aEoSn6cXlxzBhx3x:7rh5dBAxbuM1TR4+Q2AmlL6eBrx

    • Score

      1/10

    • Target

      LS/LSsys.dll

    • Size

      4.5MB

    • MD5

      9e5211585d05228d726b365f947b7d7b

    • SHA1

      f68f1e36480059efb3ae6253cad1775e1b3646c1

    • SHA256

      5561c889477409675b4d9ab8e5f00004cc2395c4f30fe27a8a319f1d25868310

    • SHA512

      defacab633a8cf57e6ac195ae69ab8b12a5d557091dc322ab288fc2629b60fc739d2812ad3610b2087593e299f2c3578cc50ef047af79756582c6796090db3ae

    • SSDEEP

      98304:O9Bby2fbQYuEvseHqTbEVvrYrHm+1/ytBhIx+l2eFmaTHJD:w7b8EUef1gG15IIlvFmaT

    • Score

      7/10

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      LS/LSsys64.dll

    • Size

      6.5MB

    • MD5

      da4afbc40ac7851411974d7de2a4e3d2

    • SHA1

      150ffa8c424d6ff37f5b601de5a2eb8d18baa1c8

    • SHA256

      f015ae07dae090916ce3a9beafefcab09696716dbb84d78617565840d42f6195

    • SHA512

      7f346025e77af823feb42b22ef25f4ae9bb022e1d970fcc2c3e495e9d87a7f28f37f7184a2ceb7256145e573acdd4b35e67a8f4913975aceada6b82366d1e5b5

    • SSDEEP

      196608:8E2w4ZD7N4luJVop/JlF5YHwG/kJouNqt4RAY2:8E2Rr8Bf2QGM4Y

    • Score

      7/10

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
