General
Target: betav6_2.zip
Size: 735KB
Sample: 240222-233wvagf86

Tasks
Static task: static1
Behavioral task: behavioral1 (Sample: dex.py, Resource: win11-20240221-en)
Behavioral task: behavioral2 (Sample: index.html, Resource: win11-20240221-en)
Behavioral task: behavioral3 (Sample: launch.bat, Resource: win11-20240221-en)
Behavioral task: behavioral4 (Sample: objects.py, Resource: win11-20240221-en)
Behavioral task: behavioral5 (Sample: olympia.py, Resource: win11-20240221-en)
Behavioral task: behavioral6 (Sample: pyarmor_runtime_000000/__init__.py, Resource: win11-20240221-en)
Behavioral task: behavioral7 (Sample: pyarmor_runtime_000000/__pycache__/__init__.cpython-312.pyc, Resource: win11-20240221-en)
Behavioral task: behavioral8 (Sample: pyarmor_runtime_000000/pyarmor_runtime.dll, Resource: win11-20240221-en)
Behavioral task: behavioral9 (Sample: synapse.py, Resource: win11-20240221-en)

Malware Config
Targets

Target: dex.py
Size: 72KB
Score: 8/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: index.html
Size: 5KB
Score: 1/10

Target: launch.bat
Size: 55B
Score: 1/10

Target: objects.py
Size: 50KB
Score: 3/10

Target: olympia.py
Size: 77KB
Score: 3/10

Target: pyarmor_runtime_000000/__init__.py
Size: 103B
Score: 3/10

Target: pyarmor_runtime_000000/__pycache__/__init__.cpython-312.pyc
Size: 231B
Score: 3/10

Target: pyarmor_runtime_000000/pyarmor_runtime.pyd
Size: 611KB
Score: 1/10

Target: synapse.py
Size: 72KB
Score: 3/10