Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Julien_and..._C.rar

windows7-x64

3

Julien_and..._C.rar

windows10-2004-x64

7

Julien and...hy.dll

windows7-x64

1

Julien and...hy.dll

windows10-2004-x64

1

Julien and...rs.dll

windows7-x64

1

Julien and...rs.dll

windows10-2004-x64

1

Julien and...ds.dll

windows7-x64

1

Julien and...ds.dll

windows10-2004-x64

1

Julien and...re.dll

windows7-x64

1

Julien and...re.dll

windows10-2004-x64

1

Julien and...ns.dll

windows7-x64

1

Julien and...ns.dll

windows10-2004-x64

1

Julien and...st.dll

windows7-x64

1

Julien and...st.dll

windows10-2004-x64

1

Julien and...et.dll

windows7-x64

1

Julien and...et.dll

windows10-2004-x64

1

Julien and...ok.dll

windows7-x64

1

Julien and...ok.dll

windows10-2004-x64

1

Julien and...er.dll

windows7-x64

1

Julien and...er.dll

windows10-2004-x64

1

Julien and...es.dll

windows7-x64

1

Julien and...es.dll

windows10-2004-x64

1

Julien and...ns.dll

windows7-x64

1

Julien and...ns.dll

windows10-2004-x64

1

Julien and...on.dll

windows7-x64

1

Julien and...on.dll

windows10-2004-x64

1

Julien and...er.exe

windows7-x64

1

Julien and...er.exe

windows10-2004-x64

1

Julien and...rs.dll

windows7-x64

1

Julien and...rs.dll

windows10-2004-x64

1

Julien and...le.dll

windows7-x64

1

Julien and...le.dll

windows10-2004-x64

1

Resubmissions

28/02/2024, 11:10

240228-m96traab8y 7

28/02/2024, 11:07

240228-m7zbwsab3z 7

28/02/2024, 11:06

240228-m7grvaaa72 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Julien_and_anarchi_selfsniper_C.rar

  • Size

    2.9MB

  • Sample

    240228-m7grvaaa72

  • MD5

    cc5610e6313e3ae170f1c51397c51ed0

  • SHA1

    8f90b6802b1b290e808920895ba74490d524416e

  • SHA256

    53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63

  • SHA512

    75828bb0e08d8dc2d3ac85974127a059277c084bd76d022eb6679a3231a28adff248e133a53bbd7b892a72ab79836ed69e8506281f67162c65ea2db3b1a44609

  • SSDEEP

    49152:ipGqHPpVT+bzj++y6wDsAeWUyi0ELfl4pUxaiBMt9TOdKfH7ZnptvHi7NWVxAq/a:6GqHxVabz7PAUtLfl4p6QwdKzZpFk0Cf

Score
7/10

Malware Config

Targets

    • Target

      Julien_and_anarchi_selfsniper_C.rar

    • Size

      2.9MB

    • MD5

      cc5610e6313e3ae170f1c51397c51ed0

    • SHA1

      8f90b6802b1b290e808920895ba74490d524416e

    • SHA256

      53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63

    • SHA512

      75828bb0e08d8dc2d3ac85974127a059277c084bd76d022eb6679a3231a28adff248e133a53bbd7b892a72ab79836ed69e8506281f67162c65ea2db3b1a44609

    • SSDEEP

      49152:ipGqHPpVT+bzj++y6wDsAeWUyi0ELfl4pUxaiBMt9TOdKfH7ZnptvHi7NWVxAq/a:6GqHxVabz7PAUtLfl4p6QwdKzZpFk0Cf

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      Julien and anarchi selfsniper C#/Discord.Net-Anarchy.dll

    • Size

      5KB

    • MD5

      8eaffbb862c82165d4c0bf606e46c1dd

    • SHA1

      9552e06b4c26a22f3a9dad3944cd92935b1574d1

    • SHA256

      7987b8424af27998db69433e24bf8d6f10a6083ffc992b277508f4856b07b32d

    • SHA512

      bcf8b713c405b90f9f1fbcb61dd79ef7d06355e4333c08a4967202a0c14ed085caac846cac04352dd6dfb66058420a6b8bed6d23ec02ce54c25dc7d5e7b85c9f

    • SSDEEP

      96:h710UQu1CVfncg7DYitduwuGunEVs+x0V:hbQu1CVvBpMFbnEg

    Score
    1/10
    behavioral3behavioral4

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Analyzers.dll

    • Size

      9KB

    • MD5

      2805f63831abab6f181fe942d2ca8639

    • SHA1

      0a252cbf69e3546a543209c36bb910ad04eb9994

    • SHA256

      96e9caac5cee344cb9f62c43796cb60ae39eba34dbaf553e2442b7e4cd3cd5a4

    • SHA512

      477a00ab1b49294d0f597db46cada127418f162cd20e8a9a28696f780453aa45fed7224d204fe6f73ab8670bec4efe3e16d9612865bcc78adde90c3980855f5c

    • SSDEEP

      192:aG7k1XZyGHgs39aI4fol9JIWTR7vtzX1dzqqHwZ:aVX9Hgs3MI9l9JISltXWAk

    Score
    1/10
    behavioral5behavioral6

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Commands.dll

    • Size

      144KB

    • MD5

      da6fae8f02ff4780603856b883f51d86

    • SHA1

      f92af91094acac4cb7aa8e0265909b12eb99b5c4

    • SHA256

      4b21c70ae1ac59a765c8f2c830b3accb459df1574ae40204c27ffbc8776df2ed

    • SHA512

      08da80d7b77a84a45e081ce79f5f883af3cff9bfcb769d7949b55a63084a52ba2fe7ca672b50aac44a1d9cdf201229f9662c3414d9dad79a8c16c597bbaa05b0

    • SSDEEP

      3072:lKBMu8rhozywlHpEITaYnsPsWqzQoP+gNH9sNSOhOA/DVSSQJl1DYdI9L5NgpiPN:liHWhO9L5Ym

    Score
    1/10
    behavioral7behavioral8

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Core.dll

    • Size

      803KB

    • MD5

      4b67261ee622fe515d3d4123cdc8c5eb

    • SHA1

      d01241756ae7e2e58827c1eeb302607d92a65843

    • SHA256

      72f0ce52197143b4a6bd5999cec05b0c4ed00db041a62549bb74c7bb2f308b29

    • SHA512

      4e72659e9a0be45aa8e725e805a2f033691dc0f6076ec2abb675019a2f5411f0ce8e035a43309fb8e3645ba282b0f813da04bd7acaa5003aaa67ffc17c9f79c7

    • SSDEEP

      12288:i0uzoE5PuDuMT8n/uJug2BBfmZpp58aO0cscwiYyAvgvu1znGOWWi4iYyJ6hsTw+:i0uzoE5PI4/uJug2iZM

    Score
    1/10
    behavioral10behavioral9

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Interactions.dll

    • Size

      267KB

    • MD5

      e020ec5a6b967db10de0c96b15084476

    • SHA1

      30ef78cbf6f4bc086d700a1d975d4527b7feb9eb

    • SHA256

      e5e0fa49a76aef30e4c0c6bdee38c3a31b666ea75b0fea7b98d8ad25a064ef78

    • SHA512

      0c52c357a64c6ba16224274bac1e232567ec109264484c049e746d4f5177572ef2e08823d09ff9c894e7b2a415308ee1cf2545c5fd968243d51e31da8526b82a

    • SSDEEP

      3072:QoDPANNm2DKGEcc9+LLBSZ6sQlM2o7J38Z4YQK4W5i3/N/BbkEYmy6Mn2RmQ:RjSv3L26slJ3NBbkT2R

    Score
    1/10
    behavioral11behavioral12

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Rest.dll

    • Size

      1.5MB

    • MD5

      48b9feaf8664fed26a65983dc74f9990

    • SHA1

      763d0e545abaede589eca3db447d3abe15255c1d

    • SHA256

      e84c35581b3b87fbf823f690aa18fa38d1b01ba5cecab162c0da15c11fcc09fb

    • SHA512

      0ce3b359b7687f57ea03458d7df0076004adba46886572484762e34810b124d910283be8a4c16fd7cff547f7eaf3102ca816423f21509a0bc006e3d73c611b2f

    • SSDEEP

      12288:9+65TsA6FRmAaPdMebFZBcEDl7ef4nNl/eLBisa8aIn1zlAiTKEMwzRdJ86E7Fny:p5wnGhqsCIelU886E7Fd1CH

    Score
    1/10
    behavioral13behavioral14

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.WebSocket.dll

    • Size

      884KB

    • MD5

      0d5bbd1205c7d2461f4c5e70935e59fa

    • SHA1

      32371c6b58ee93fd4d0d9763feaa884f2206f59a

    • SHA256

      05a8553e2831a02fa6553187e5883e55703a1d8137b4f605d959005b00b6560f

    • SHA512

      f7b546321138d67a824a6b52e9d7c30ab2c0a7503786b96a87bc369392475754da74c0d84ac1ab8106c246c384636411ad5a2eb6d5ab07560f9fbc4aedf0cc35

    • SSDEEP

      12288:gwv3zKUtPn2/Zq61oOjmUNuLmNq+qBdSnfMaCKv3easmHNfU8y:gwCxj/NPfMaCKv4mtty

    Score
    1/10
    behavioral15behavioral16

    • Target

      Julien and anarchi selfsniper C#/Discord.Net.Webhook.dll

    • Size

      34KB

    • MD5

      870cc1e28844464db11daa43b4d1a677

    • SHA1

      a5feed76792362d8c3bdbc4096cd321da6f57ab5

    • SHA256

      89d4db9e66e6f1087cb323e456a820e80ddb6d6550e2d0a9b1712c7fcc8682cb

    • SHA512

      66547ac3f3963b39091e7d1cfe6e3484c96e6cefd4fda62f54b6952f925e1729025f9ca7ba1019d389eb03fda1557e84ca0e9b81249050cc3c1910317bb47337

    • SSDEEP

      768:igIILx7YY1Q3wRpnp4Fa2OskQkwfqPUpWXq/NZhUj:XJTp2+speuNZhUj

    Score
    1/10
    behavioral17behavioral18

    • Target

      Julien and anarchi selfsniper C#/Humanizer.dll

    • Size

      207KB

    • MD5

      5fc547c851275cc7a1227843c7b35daa

    • SHA1

      5e22f33bf7dfa5047fc9f661cf7ae069832bf006

    • SHA256

      40dff6faebcc6e2babe37003853509b2050e806edf3c5f141fbb85fdc0d1bea7

    • SHA512

      3382ec32d38bac335fb01464337bc0189a1f8cef33fb94c5d99c02655b4c14160fdf02786789a9687c1d651af0ca1a2b55417e8f32570ec5355e44624266acca

    • SSDEEP

      3072:3EMxgfS3v/xcvZL8i6KHgFgJyEnJi5NV2XpFY7oejVLqoLbBr6h7sA/:37xgf+WlJiJ2XLYMejVTV6t

    Score
    1/10
    behavioral19behavioral20

    • Target

      Julien and anarchi selfsniper C#/Microsoft.Bcl.AsyncInterfaces.dll

    • Size

      20KB

    • MD5

      1ee251645b8a54a116d6d06c83a2bd85

    • SHA1

      5dbf1534ffbff016cc45559eb5eff3dc4252a522

    • SHA256

      075ce79e84041137c78885b3738c1b5a03547d0ae2a79916e844196a9d0ec1db

    • SHA512

      9f67fd0566eac2da4253d08697daab427e4e85780615d940f086a88424dcbb0563abae7e4824088e64ef7024c1bb3bbf324f2d07bc7ba55f79e4af3c9ea88e97

    • SSDEEP

      384:69P2wZOXm7YJVHTe+0VJI0vrdaVemxO/f7vWeq/WIdHRN7bg30uw7lGsV9W+:u2zmYrHCV9cIL6TbtCSW

    Score
    1/10
    behavioral21behavioral22

    • Target

      Julien and anarchi selfsniper C#/Microsoft.Extensions.DependencyInjection.Abstractions.dll

    • Size

      43KB

    • MD5

      7a9b8793552ce40160a6d273b22f807e

    • SHA1

      1c302ea0a44f517b97af19252140ec710d5d3bfb

    • SHA256

      200aba7859ecfb045d43a8e2bf9abce4c929507364b7714388f59affe708fb06

    • SHA512

      7d5ea03d5815a6f5705875fe6c2d2179c6ee5468d6b19423f04c8982e64226e656bfd7ccaf7a5756c7046d2e6d2c3504190ba642e02bc197d48dad9320fd6bd5

    • SSDEEP

      768:gQnUmCQ0dQ8d2TN7uxgoXvM4s8w0woFY9SP8:MmC3dQ88Tk+8vM2fBO9I8

    Score
    1/10
    behavioral23behavioral24

    • Target

      Julien and anarchi selfsniper C#/Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      715a1fbee4665e99e859eda667fe8034

    • SHA1

      e13c6e4210043c4976dcdc447ea2b32854f70cc6

    • SHA256

      c5c83bbc1741be6ff4c490c0aee34c162945423ec577c646538b2d21ce13199e

    • SHA512

      bf9744ccb20f8205b2de39dbe79d34497b4d5c19b353d0f95e87ea7ef7fa1784aea87e10efcef11e4c90451eaa47a379204eb0533aa3018e378dd3511ce0e8ad

    • SSDEEP

      12288:WBARJBRZl/j1TbQ7n5WLm4k0X57ZYrgNHgK9C1BSjRlXP36RMGy1NqTU+:WBA/ZTvQD0XY0AJBSjRlXP36RMG7

    Score
    1/10
    behavioral25behavioral26

    • Target

      Julien and anarchi selfsniper C#/NitroSniper.exe

    • Size

      1.9MB

    • MD5

      d5e815c37b6ed6465820693673e35da8

    • SHA1

      335d5b7c1056b6d6010db628963051f1a244ddbe

    • SHA256

      934d2022814c6dfb0145608d9d270597d46feec5ce833d754576d6a73650a632

    • SHA512

      e9775eae34493d94bc96aa3adc25f95cba4c45d4b263565f23e834409cbd122ab731f052595382d7ab8857c133c8068644bb100ad03cdd3201e6fc5bdc4280a9

    • SSDEEP

      24576:yXcQZt0s5xN15uj2hmkj+rXcQZt0s5xN15uj2hmkj+:yXcS0s5xNujlrXcS0s5xNujl

    Score
    1/10
    behavioral27behavioral28

    • Target

      Julien and anarchi selfsniper C#/System.Buffers.dll

    • Size

      20KB

    • MD5

      ecdfe8ede869d2ccc6bf99981ea96400

    • SHA1

      2f410a0396bc148ed533ad49b6415fb58dd4d641

    • SHA256

      accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb

    • SHA512

      5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741

    • SSDEEP

      384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e

    Score
    1/10
    behavioral29behavioral30

    • Target

      Julien and anarchi selfsniper C#/System.Collections.Immutable.dll

    • Size

      184KB

    • MD5

      c598080fa777d6e63dfd0370e97ec8f3

    • SHA1

      9d1236dcfb3caa07278a6d4ec751798d67d73cc2

    • SHA256

      646d3b52a4898078f46534727bdb06ff23b72523441458b9f49ecc315bf3ef5c

    • SHA512

      8a5b4afb4363732008c97d53f13ee430401e4a17677af37123da035f15f9e9409a2aeb74ae238379291fd5de07c3cd4e3de2778da5edf83a42649fa5b281cb32

    • SSDEEP

      3072:MHutEkGE0frJeOAY1tn/DuunP0F9QFg3QuxvkaHFckod:eu501WY9/DuOP0F9QFgwkm

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks