Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Cwmrecoilcheat.rar

windows10-2004-x64

7

cwmrecoilc...ME.txt

windows10-2004-x64

1

cwmrecoilc...gs.ini

windows10-2004-x64

1

cwmrecoilc...il.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cwmrecoilcheat.rar

  • Size

    406KB

  • Sample

    240220-xrfvqaea39

  • MD5

    b3a09a1e4cbd62b2fc20c20ba87b2136

  • SHA1

    4e4d1be7eade43d7940ede0bc30d57e4ef209412

  • SHA256

    46c4ce58241ddffd9c6576189339bac41b800264ff215547aa8fd31c21b932c4

  • SHA512

    55bf0197e525c32eafad11e56f503454b29d807658628637e36c042667734c7e4146f51eed77da9e4e5bc613e5e87b908f9dc2a5c1e2c05ad0d980d0b3380718

  • SSDEEP

    12288:djW8DC9uSNsZVkbMuZxa/1gg8aD67tDfxBvb7:dXe9uSNo6JZQ/156pl5

Score
7/10

Malware Config

Targets

    • Target

      Cwmrecoilcheat.rar

    • Size

      406KB

    • MD5

      b3a09a1e4cbd62b2fc20c20ba87b2136

    • SHA1

      4e4d1be7eade43d7940ede0bc30d57e4ef209412

    • SHA256

      46c4ce58241ddffd9c6576189339bac41b800264ff215547aa8fd31c21b932c4

    • SHA512

      55bf0197e525c32eafad11e56f503454b29d807658628637e36c042667734c7e4146f51eed77da9e4e5bc613e5e87b908f9dc2a5c1e2c05ad0d980d0b3380718

    • SSDEEP

      12288:djW8DC9uSNsZVkbMuZxa/1gg8aD67tDfxBvb7:dXe9uSNo6JZQ/156pl5

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

    • Target

      cwmrecoilcheat/README.txt

    • Size

      307B

    • MD5

      8843f5c779a9ad4e2c8a270a119089e4

    • SHA1

      85a45a8583d63b1397e133c98204492c4b5598ad

    • SHA256

      77c1077e71a97ea1707f53ee8788f7bcf74e3830aef23c81e1b1058280dbb66d

    • SHA512

      dbc3a99da3839d1133ba48831375b3d28825e2f5c4930711008a44299f551377ca5ed97050a5dcce32ad4f09503ddbb283b005d86cd4b125d32c3aec8dbe8242

    Score
    1/10
    behavioral2

    • Target

      cwmrecoilcheat/settings.ini

    • Size

      508B

    • MD5

      e11b1e7d46795a31edf460ca3b858092

    • SHA1

      98e53c45e03fc36a17dd37ec17882cb59c857c3c

    • SHA256

      76b48d9ea162484c5ed4b07996931feaf8d2e17e6fbf781ee6b82b6e26880b33

    • SHA512

      f0b7f12eedb9137c4809573cf4de6ebd92dc692e27beab4c751a4b32b3597c0f82325b5a95cb6f4d2e23034ffdbf8e7297f65b0571493a791d076a2d29488a85

    Score
    1/10
    behavioral3

    • Target

      cwmrecoilcheat/unicoil.exe

    • Size

      904KB

    • MD5

      73ba1b093985d6b09ff3107b9f635630

    • SHA1

      a8528462159913b96bbb1e870f0a738f363f2fb9

    • SHA256

      c6874a0e7add4cc916b6dbe67326898f48ccd6cfc3f47eb15cd7545b409b7ef4

    • SHA512

      9391130aff46a4fcfccb17d9bcfb220d4cab55958e66008d8d4691ce3aa3d13e963cfe8485a2400d915052da31233b84e02f1d547965a626f326a6c533624fd5

    • SSDEEP

      24576:obWeUBlipNL7vRznMyW+nVq3R72tM6MLiFs7eHt3eh39c3CnULu:NfBcdelkuR7X39c3Cn

    Score
    1/10
    behavioral4

MITRE ATT&CK Enterprise v15

Tasks