Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ForceCPU.exe

windows7-x64

1

ForceCPU.exe

windows10-2004-x64

1

HTCTL32.dll

windows7-x64

1

HTCTL32.dll

windows10-2004-x64

3

PCICHEK.dll

windows7-x64

1

PCICHEK.dll

windows10-2004-x64

1

PCICL32.dll

windows7-x64

1

PCICL32.dll

windows10-2004-x64

1

QWhale.Common.dll

windows7-x64

1

QWhale.Common.dll

windows10-2004-x64

1

QWhale.Editor.dll

windows7-x64

1

QWhale.Editor.dll

windows10-2004-x64

1

QWhale.Syntax.dll

windows7-x64

1

QWhale.Syntax.dll

windows10-2004-x64

1

SampleRules.js

windows7-x64

1

SampleRules.js

windows10-2004-x64

1

SimpleFilter.dll

windows7-x64

1

SimpleFilter.dll

windows10-2004-x64

1

TCCTL32.dll

windows7-x64

1

TCCTL32.dll

windows10-2004-x64

1

Timeline.dll

windows7-x64

1

Timeline.dll

windows10-2004-x64

1

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

libssl-3-x64.dll

windows7-x64

1

libssl-3-x64.dll

windows10-2004-x64

1

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

pcicapi.dll

windows7-x64

1

pcicapi.dll

windows10-2004-x64

1

remcmdstub.exe

windows7-x64

1

remcmdstub.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    636448aec2f6e1054d00728cdd9719fe.bin

  • Size

    2.9MB

  • Sample

    240307-cc88hadb23

  • MD5

    6e972029bd1f71506114c5429a2ea5c7

  • SHA1

    d2f06c10ac78da5787d9b4e1bfbd3a974fd47662

  • SHA256

    90bf37ce35568a63a6af01f0f49add719cd7c4996d2469ab86c4e2b05c4b198f

  • SHA512

    bad35bd67fca5a417effeac30a02b94c18f914ca5bf917f90d1c7b74eb5867e2e774a804f52edf871cf69c4a84ea6307e6009b7fcbbcc95afa1e804f4ec07975

  • SSDEEP

    49152:zZmqBBXa/UpnCVhKgwHQucNclM2R+P/WfoaPc/1z2CTXxpdtEtbaeO0gHK4kq2+j:zZ3X5pC4gwwcnR+HWfoaPu/otpYkq2+j

Score
10/10
netsupportrat

Malware Config

Targets

    • Target

      ForceCPU.exe

    • Size

      19KB

    • MD5

      b982a103b0d4e0db856026a163124bf3

    • SHA1

      40772be00068bbd394ff0fccd551151a822f3e70

    • SHA256

      2d209c2b823e350c1f1661f87a3a013804302477afe56877f94adbafe7a2e06d

    • SHA512

      214ecdf348e2093e91a489c0541f05eb3356e2531c1840a99d9f727caf1130f5041ccbc6356a7bc31fb4dece927d3fee2fa9e4689d2badbe680fd40104a9d327

    • SSDEEP

      192:fHtIemmfltxD5WLtWwiyT5hNGnYe+PjPxucwwyibSucwwQJk35H0JOqxEV1a//bG:xD5WLZ5qnYPLxoDfoDg+JNY1cAhhv

    Score
    1/10
    behavioral1behavioral2

    • Target

      HTCTL32.DLL

    • Size

      320KB

    • MD5

      c94005d2dcd2a54e40510344e0bb9435

    • SHA1

      55b4a1620c5d0113811242c20bd9870a1e31d542

    • SHA256

      3c072532bf7674d0c5154d4d22a9d9c0173530c0d00f69911cdbc2552175d899

    • SHA512

      2e6f673864a54b1dcad9532ef9b18a9c45c0844f1f53e699fade2f41e43fa5cbc9b8e45e6f37b95f84cf6935a96fba2950ee3e0e9542809fd288fefba34ddd6a

    • SSDEEP

      6144:Hib5YbsXPKXd6ppGpwpbGf30IVFpSzyaHx3/4aY5dUilQpAf84lH0JYBAnM1OKB:Hib5YbsXioEgULFpSzya9/lY5SilQCfR

    Score
    3/10
    behavioral3behavioral4

    • Target

      PCICHEK.DLL

    • Size

      18KB

    • MD5

      104b30fef04433a2d2fd1d5f99f179fe

    • SHA1

      ecb08e224a2f2772d1e53675bedc4b2c50485a41

    • SHA256

      956b9fa960f913cce3137089c601f3c64cc24c54614b02bba62abb9610a985dd

    • SHA512

      5efcaa8c58813c3a0a6026cd7f3b34ad4fb043fd2d458db2e914429be2b819f1ac74e2d35e4439601cf0cb50fcdcafdcf868da328eaaeec15b0a4a6b8b2c218f

    • SSDEEP

      192:dogL7bo2t6n76RRHirmH/L7jtd3hfwjKd3hfwB7bjuZRvI:dogL7bo2YrmRTAKT0iTI

    Score
    1/10
    behavioral5behavioral6

    • Target

      PCICL32.DLL

    • Size

      3.6MB

    • MD5

      d3d39180e85700f72aaae25e40c125ff

    • SHA1

      f3404ef6322f5c6e7862b507d05b8f4b7f1c7d15

    • SHA256

      38684adb2183bf320eb308a96cdbde8d1d56740166c3e2596161f42a40fa32d5

    • SHA512

      471ac150e93a182d135e5483d6b1492f08a49f5ccab420732b87210f2188be1577ceaaee4ce162a7acceff5c17cdd08dc51b1904228275f6bbde18022ec79d2f

    • SSDEEP

      49152:0KJKmPEYIPqxYdoF4OSvxmX3+m7OTqupa7HclSpTAyFMJa:0KJ/zIPq7F4fmXO8u6kS+y/

    Score
    1/10
    behavioral7behavioral8

    • Target

      QWhale.Common.dll

    • Size

      192KB

    • MD5

      ac80e3ca5ec3ed77ef7f1a5648fd605a

    • SHA1

      593077c0d921df0819d48b627d4a140967a6b9e0

    • SHA256

      93b0f5d3a2a8a82da1368309c91286ee545b9ed9dc57ad1b31c229e2c11c00b5

    • SHA512

      3ecc0fe3107370cb5ef5003b5317e4ea0d78bd122d662525ec4912dc30b8a1849c4fa2bbb76e6552b571f156d616456724aee6cd9495ae60a7cb4aaa6cf22159

    • SSDEEP

      1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc

    Score
    1/10
    behavioral10behavioral9

    • Target

      QWhale.Editor.dll

    • Size

      816KB

    • MD5

      eaa268802c633f27fcfc90fd0f986e10

    • SHA1

      21f3a19d6958bcfe9209df40c4fd8e7c4ce7a76f

    • SHA256

      fe26c7e4723bf81124cdcfd5211b70f5e348250ae74b6c0abc326f1084ec3d54

    • SHA512

      c0d6559fc482350c4ed5c5a9a0c0c58eec0a1371f5a254c20ae85521f5cec4c917596bc2ec538c665c3aa8e7ee7b2d3d322b3601d69b605914280ff38315bb47

    • SSDEEP

      12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB

    Score
    1/10
    behavioral11behavioral12

    • Target

      QWhale.Syntax.dll

    • Size

      228KB

    • MD5

      3be64186e6e8ad19dc3559ee3c307070

    • SHA1

      2f9e70e04189f6c736a3b9d0642f46208c60380a

    • SHA256

      79a2c829de00e56d75eeb81cd97b04eae96bc41d6a2dbdc0ca4e7e0b454b1b7c

    • SHA512

      7d0e657b3a1c23d13d1a7e7d1b95b4d9280cb08a0aca641feb9a89e6b8f0c8760499d63e240fe9c62022790a4822bf4fe2c9d9b19b12bd7f0451454be471ff78

    • SSDEEP

      3072:Ns/3b/8FpHf3kBFcCsbfqai2/8Fjitdmus95jMRrgk+vWZYz39dHiB796k9gR5+r:NQLa/kBFcCsbfRgzM07XGk+V

    Score
    1/10
    behavioral13behavioral14

    • Target

      SampleRules.js

    • Size

      22KB

    • MD5

      524d2bade9189baf1556a19a646cf4bf

    • SHA1

      66c1eff782d71d0a5cc8e370958137a9acd852e4

    • SHA256

      3d4de2f5b6be253ffe40b04e90b6fe80eb1025f97975b820683e679c55f5b3c8

    • SHA512

      36f1a2b9728e89b640fe5a5ee7cde1cdaacb6ca06149bbbe6fabec3d413dbef188f540568d68319df61e9c0d789e77489fe9893f8f4459f6b03cfef4a5b42095

    • SSDEEP

      192:M8hsvsRImy1MTb0LB1GeagkQqzzzgWGZIVW0Gdcen9CpNlPdhr3f8nYny7+zjW66:Mi0gg2zWia9SVnyqOZ

    Score
    1/10
    behavioral15behavioral16

    • Target

      SimpleFilter.dll

    • Size

      147KB

    • MD5

      90cdc635a1f1f8e6e1ee68918e0fb71a

    • SHA1

      65699920fc6fc9488c1eb8acaf5022eaeafb6815

    • SHA256

      afee7df6255757b3251721fca42e844753a617e0aa1ed43734e32e2fdae2c0af

    • SHA512

      720635e0e24ca06b3c400f6da201f08d174e5bef230037eeae023ca87f608b1c353ca58de1a5c99a5f3057b039704ed5e68a9e5448183527653afcaedcfc58ab

    • SSDEEP

      3072:e6NX70tFXM29SwIEV21p/r+Q7NNi+NQmDdj7RMttBaOrMzz27CDHqyoqKIh4bqG8:e6NXwM29SwIEV21p/r+Q7NNi+NQmDdjj

    Score
    1/10
    behavioral17behavioral18

    • Target

      TCCTL32.DLL

    • Size

      387KB

    • MD5

      eab603d12705752e3d268d86dff74ed4

    • SHA1

      01873977c871d3346d795cf7e3888685de9f0b16

    • SHA256

      6795d760ce7a955df6c2f5a062e296128efdb8c908908eda4d666926980447ea

    • SHA512

      77de0d9c93ccba967db70b280a85a770b3d8bea3b707b1abb037b2826b48898fec87924e1a6cce218c43478e5209e9eb9781051b4c3b450bea3cd27dbd32c7f3

    • SSDEEP

      12288:OpwbUb48Ju0LIFZB4Qaza4yFaMHAZtJ4Yew2j/bJa+neNQ:epq7BaGIn4BbLneNQ

    Score
    1/10
    behavioral19behavioral20

    • Target

      Timeline.dll

    • Size

      51KB

    • MD5

      ec476c3ee3f7d463fc8b71a8da42e103

    • SHA1

      a32e85e618a4451feefed350f7fdb88dc662833d

    • SHA256

      25e20d696fa2d40cab80d6e45e998f63ef17564b4bacd978d98dbf4492be93ee

    • SHA512

      ec3c77cb84667aea1330dbeb9e5756a37f55570e4edc1bdde9c873e9218cfed6da2c0df57f4f3f9c2864cb664d1eb55700c95a1555d4bc5d485f0fc028c02c3b

    • SSDEEP

      768:BE8uqoL19VqLPLyYhH9L52OBRz6e4NPTijqhRR2fTMR2fT8BN266bC:YVqLPLyYhFcGzyijLx26O

    Score
    1/10
    behavioral21behavioral22

    • Target

      client32.exe

    • Size

      101KB

    • MD5

      c4f1b50e3111d29774f7525039ff7086

    • SHA1

      57539c95cba0986ec8df0fcdea433e7c71b724c6

    • SHA256

      18df68d1581c11130c139fa52abb74dfd098a9af698a250645d6a4a65efcbf2d

    • SHA512

      005db65cedaaccc85525fb3cdab090054bb0bb9cc8c37f8210ec060f490c64945a682b5dd5d00a68ac2b8c58894b6e7d938acaa1130c1cc5667e206d38b942c5

    • SSDEEP

      768:q78j0+RH6e6XhBBxUcnRWIDDDDDDDDDDDDDDDDADDDDDDDDDDDDDDDDDDDDDDXDU:qwpHLiLniepfxP91/bQxnu

    Score
    10/10
    netsupportrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport
    behavioral23behavioral24

    • Target

      libssl-3-x64.dll

    • Size

      547KB

    • MD5

      4ad9afd9ff710d89aa7530241771f9d9

    • SHA1

      b0f233fde9ebc6438c66051fd13e89b9d457894a

    • SHA256

      956a4925b8c2a62c7f639e855b1672a162610138f670f1d7ba6ab71ad3d94541

    • SHA512

      28a167cbf7acca2bf36f7c50bc0302fd040812df678d1d36d1fcadbbfadb279444849aad0228c864d6866b00e36c09c2ff9a6a9d867c25b6000384b421a2f8f5

    • SSDEEP

      6144:w5/NMS+7xbMkZThK/uhetwSzJupTJc2pqrbccv+5NDmqhIA3vCePl01sQi7PUYgh:wFNEQYKxtwAJeTJc2pmUD/v01sQigLW

    Score
    1/10
    behavioral25behavioral26

    • Target

      msvcr100.dll

    • Size

      755KB

    • MD5

      0e37fbfa79d349d672456923ec5fbbe3

    • SHA1

      4e880fc7625ccf8d9ca799d5b94ce2b1e7597335

    • SHA256

      8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18

    • SHA512

      2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630

    • SSDEEP

      12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z

    Score
    3/10
    behavioral27behavioral28

    • Target

      pcicapi.dll

    • Size

      32KB

    • MD5

      34dfb87e4200d852d1fb45dc48f93cfc

    • SHA1

      35b4e73fb7c8d4c3fefb90b7e7dc19f3e653c641

    • SHA256

      2d6c6200508c0797e6542b195c999f3485c4ef76551aa3c65016587788ba1703

    • SHA512

      f5bb4e700322cbaa5069244812a9b6ce6899ce15b4fd6384a3e8be421e409e4526b2f67fe210394cd47c4685861faf760eff9af77209100b82b2e0655581c9b2

    • SSDEEP

      768:JFvNhAyi5hHA448qZkSn+EgT8ToDXTVi0:JCyoHA448qSSzgIQb

    Score
    1/10
    behavioral29behavioral30

    • Target

      remcmdstub.exe

    • Size

      62KB

    • MD5

      6fca49b85aa38ee016e39e14b9f9d6d9

    • SHA1

      b0d689c70e91d5600ccc2a4e533ff89bf4ca388b

    • SHA256

      fedd609a16c717db9bea3072bed41e79b564c4bc97f959208bfa52fb3c9fa814

    • SHA512

      f9c90029ff3dea84df853db63dace97d1c835a8cf7b6a6227a5b6db4abe25e9912dfed6967a88a128d11ab584663e099bf80c50dd879242432312961c0cfe622

    • SSDEEP

      1536:Tf6fvDuNcAjJMBUHYBlXU1wT2JFqy9BQhiK:D6f7cjJ4U4I1jFqy92hiK

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

netsupportrat
Score
10/10

behavioral24

netsupportrat
Score
10/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.