General

  • Target

    a07539359433b9d0bad2a6d2965346fd

  • Size

    7.0MB

  • Sample

    240223-11mw6shh89

  • MD5

    a07539359433b9d0bad2a6d2965346fd

  • SHA1

    3ab462a96d82d60ac9c687c17c2f95ec28c5e677

  • SHA256

    be68c54bf25595d493a529c7f64ea38629b44f07c4551c208752b0b57060e2ae

  • SHA512

    eca913d9f56824744328a6504f5baa537f9a445628e0bf3db58fec7956d130c6b38dde1e02bf7187ef425e8afc868c2a13c9bb32fa35097411e71da1e5ba2077

  • SSDEEP

    196608:Aj9ODz6tHPNMseDMuS7VFKPDlWwlVVd7Pdw:A/bMscMNCblVb6

Score
7/10
upx

Targets

    • Target

      a07539359433b9d0bad2a6d2965346fd

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score
    3/10
    • Target

      $TEMP/AnVir.exe

    • Size

      5.8MB

    • MD5

      3ce8da2131fc96c8c0cd6df7912b7e0b

    • SHA1

      fbec5803a4f4a5bed388ff690188f7ff390da95f

    • SHA256

      ed69abf519d588d32b4ce8563b42ffaaa9011f694d7c39c70de2271beb2ed90f

    • SHA512

      1a07cb5f4bd6106428bfc2335d6bd67a7a6ad72a12fef840646cdc410544554f809e2113edde806193a5b5f2f39af363816d353dc541451cd8a964ceef09a3d3

    • SSDEEP

      98304:/zTbq7FAtKFVkepYbRM2qAKziinEvYzkAhfZllc1Cnk5dYLyCfIX:7TUA8VXYtMxAKziXYzkAc

    Score
    3/10
    • Target

      AnVir.exe

    • Size

      5.8MB

    • MD5

      3ce8da2131fc96c8c0cd6df7912b7e0b

    • SHA1

      fbec5803a4f4a5bed388ff690188f7ff390da95f

    • SHA256

      ed69abf519d588d32b4ce8563b42ffaaa9011f694d7c39c70de2271beb2ed90f

    • SHA512

      1a07cb5f4bd6106428bfc2335d6bd67a7a6ad72a12fef840646cdc410544554f809e2113edde806193a5b5f2f39af363816d353dc541451cd8a964ceef09a3d3

    • SSDEEP

      98304:/zTbq7FAtKFVkepYbRM2qAKziinEvYzkAhfZllc1Cnk5dYLyCfIX:7TUA8VXYtMxAKziXYzkAc

    Score
    3/10
    • Target

      AnvirHook65.dll

    • Size

      104KB

    • MD5

      79712c891558ae2790aa88a8e5cf6059

    • SHA1

      8e75f8dc4eeab4055ca4e2bc7950f178c9f002e9

    • SHA256

      a256ba508d443da0a5d0f1b95f9cc9c8ee0fc0ed841ed0dc0370584a39dbe246

    • SHA512

      84de473b4859bb2cb008eb51c2eb4a1511ca42eb8fbb8bdcbf6f6fc0404eb0b6d7222afa9b9772e4463b2f3120df75fe318e9343c111a71b91b09c54ca902aee

    • SSDEEP

      1536:Bi43upZwPzslWWmaqAXLEHB6FggbwR9oIoDtRxUQJEYbtZNRr2ofe:F+vwm37GB6+Irt0QJE+two

    Score
    1/10
    • Target

      CoreTemp.exe

    • Size

      369KB

    • MD5

      cd9de1a9374f0439f25916478a7eb167

    • SHA1

      197a09cfb8b06d3fb58f888632347ee44bbb2132

    • SHA256

      186e87f9b894fa985bee07e7da375df9ed0df19e2dcbae133fe7dad9d8e17aca

    • SHA512

      c90ce29821b96df83cbd5b422ef3015d20226f4f651904085ac255df6bc7c1b9d79fa5b94ff47dac9520906023aa95a44057cd1b29a9c7e8e028539f02ed0d09

    • SSDEEP

      6144:Jgph55btC+yNbcUow1BL2+abrJdRlBQZT5NQHT3XbzdwbIUKrK3BdCY6m:JYjCNnfUrJdRlBQZT5N+bfdwAKh6m

    Score
    1/10
    • Target

      CoreTemp64.exe

    • Size

      461KB

    • MD5

      67a9ed3059cc0cf57cd183fa8a61e8c4

    • SHA1

      12b65bf20fde09d5fb618d94f36c251aee706b2e

    • SHA256

      33c90242e0c355ddfd7e7491967a465267e0546c8b5d12b5f313e0cb8fd56361

    • SHA512

      a606e4d644a8a6a45ec2e46a7b06e23f04a40bd04fa0610590538a4f55509cf9ed10cdb87d67ca5a9c5ad0a3a96935ed9e4ae2e7e2b6434a6d680bd6140f34a0

    • SSDEEP

      6144:lBOp8PJsqMEgPFE5diN+sw9XgEcv7gVpA6dgISMAZOa3b4k1ZImcLTFY08h2XCYX:Wwtsw9XhzpLhAzhcy08e6m

    Score
    1/10
    • Target

      ROIntegration.dll

    • Size

      697KB

    • MD5

      fa958546404323c023d0171a90c4689b

    • SHA1

      1c765a9f59b89cbd3015ed171ca65134fa7941ba

    • SHA256

      2c107c82ab4a63b6280f85396183940ff0fdd88f8c3013263fc1804dd8cb7e18

    • SHA512

      23bf9bf0ffa8df83f491add0479562fbce219b2bfde4ce30929c0d63ea7d84a691b1999cac8a7c9d49c4593743ebe5a4cb3f98ea089eeea613f4aabc4645085f

    • SSDEEP

      12288:c/qsoRf3QMb7aDdEVtM9wzbeFp5bcP8oVCJHsu7ueyaYzIN888888888888W888c:c/qzRf3QMb7aZAtM9wzbkpHlII87

    Score
    1/10
    • Target

      VirusTotalUpload.exe

    • Size

      153KB

    • MD5

      eac393c39ac69ca813acb017cb4ab05f

    • SHA1

      1a52d42dc606f515c8832db3d24d48d7cdc8c31d

    • SHA256

      0c3bbca54c19d81a3df2229d09bff373b61f7ddb495ac6f247ba15b074b5fc63

    • SHA512

      779662c53d83f0e13cd3e17ac5e0ebe275ccd7f5f0e3d7388372082d8ff3701056b8d8e25e6a828a87dcc062c6cd2b6e55b1737d3617dbc1fe9820a335b038a0

    • SSDEEP

      3072:UYVPSCWCKoT2gNMLMME6eHEqPpvsTmQwUM7W:UYVPSbCPagmLVE6eHRxnH

    Score
    1/10
    • Target

      reg-organizer-setup.exe

    • Size

      3.5MB

    • MD5

      012de0464f7e3097081e716b84549d7e

    • SHA1

      fe8389f53f2f13cea4984233286a99b515cdef58

    • SHA256

      ffc5f6d72d06c8d4d281c02c1f3b4d9029d57fa437af52d3b2666077e1705c38

    • SHA512

      951a899d2936d083313a8381576ebd9e97acb057a043f97865afe2df621f343edd81f4e244462835e0a132c1e4b712af5c69d9c2529ca684d32905961b7b968d

    • SSDEEP

      98304:zVf0cpo6EbOSzqYpCsw5apF5soRBIPGqYHk:ycp5EbOkCsvMoRAa

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      tweaker.exe

    • Size

      733KB

    • MD5

      1dff5b8735d0adb399f404fd830c03a9

    • SHA1

      4db4a1ec79ca241b2d8782939c4c2e2ffeed804d

    • SHA256

      96122cde65a2e909dcda36d52ce609fc45bea5104c2ad068d6b1f18fd5c583d2

    • SHA512

      419374f18f4ea29f09fda147ec3d92971b0bc663283cf8b37ddec858617bf896ceefff6aa60a415f6c832b614b09250b9014f16bea9dfae67b28a264c1e5998d

    • SSDEEP

      12288:Up+0ekPkVjj1m/EKwobjTwI/ntUD/69oc5dc2dVvKoskEmAdt3fZebS/lq2gGH0A:UYhjj1m/PjTwIv6C9D5WxkEmAduO/95p

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      usbhdd.exe

    • Size

      107KB

    • MD5

      0b6856351b2839e30dd809176fb577c8

    • SHA1

      9b0821e94d9c64ffa5d442f26fe956ceca140189

    • SHA256

      d654915eea833d798b45f6dc73fd6e035d7591a88b550f6f75dfb5a0a0225b27

    • SHA512

      f2da7978cd3a3a3a82601114b198045b0b211a9838d50766c0a12022c20d8a050b6e6437d5259ebc9f6d6b3ec751fdc28258eb8b4886804a45e371951ecd8319

    • SSDEEP

      3072:UWu+WrciOxOQ77qUDb6PZULveY2Ba68D7gK62F:UWi+xd96PaifWD7FtF

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
