General

  • Target

    pv.rar

  • Size

    28.8MB

  • Sample

    240310-s5vtksfg31

  • MD5

    9853575a933f5ceb0c537fe188f2e910

  • SHA1

    50d06d07a31245fe128b0ad15044cf7901cd96dc

  • SHA256

    666f427bbf8bb4b0779c82fc16d531db287376ba16e6df2d1f984d9dbfd11970

  • SHA512

    da31a7be4e83fc5817b72db3ffeda4690df5d06eaf4de73d30630193d7924013ba4840d3da9dd2df243fa271b84db115a5784d04aaad8be9c1507e86a13c9c9a

  • SSDEEP

    786432:ftXXJU7QPQ2eCVjRn3s/WYR4joHRNO9q1zwjQL:ftnlECjsObjoHbO9EzyQL

Score
8/10

Targets

    • Target

      ccvLX6b6iG.exe

    • Size

      31.6MB

    • MD5

      b207acf3639912c9e6cccc25ba6b374e

    • SHA1

      3027cb0f0e17c1b79edd3d6a88ef4adbc08d267b

    • SHA256

      83937419fa7f594e2c03bf473e6d7588581b2afad3c33c0f6798ce4e80fafd0c

    • SHA512

      9dce4a3e1a316cea561040eb181c1a0ad0db49c1346654336412e54383a659f650ce627140e97b997b2bc23dda5ea6eb2977cad5e1c42ebfcb806142be12ff3f

    • SSDEEP

      786432:K5anJ+Wyc5P2H2nm5MX7YnT4BHmNDdVv0YcDfzQMvV:K5aJ+T4PmQmOLYnMODr0nDflvV

    • Score

      8/10

    • Drops file in Drivers directory

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      dpp.dll

    • Size

      2.4MB

    • MD5

      5099f2e9acae75ca793ada77a8d9c605

    • SHA1

      6d2e16085f9a74db3948156eb07b39cf1fc8d936

    • SHA256

      da523c334bc8d4c3dde7a350b325beb2abfdacda8387ae0f13c9af3d2be73fd0

    • SHA512

      2c7a0857887b4ba22c19bd75249f39edf6e1de3461c0703a1bb4eb45e638ed0825831d5941470776ffd6c6b5f12b368f5d29604e7186998723f67f6891b60b73

    • SSDEEP

      49152:SBUfn9wxuyJXuauJ2Ub1shYdLA6eavFG:JnMJWhG

    • Score

      1/10

    • Target

      libcrypto-1_1-x64.dll

    • Size

      3.3MB

    • MD5

      bff0b8ffbfe4e6c9a21a47d86ebfce30

    • SHA1

      aa9883fc52f16901e9a1bba7afb0033b7f15c721

    • SHA256

      ae8ed4eb9c764c65611cbe78b849f383ada2675ab2e9d8b76b9b799be80c0951

    • SHA512

      e594a9a7d83732f1d901a1f2bbaf1acd86219a56bd60ec0ebc179059a43524ae81eda55a06334e9ddf306b2fc08bab83aa11adb3aed58875ec3f18e00a9cb0ca

    • SSDEEP

      49152:SVwASOTxIU6iC1GtlqRycFM4gXFOBM5QFOObP/1wf0U1D+xNPsWusDS1CPwDv3u0:CG+kMhOWym31DuWWuse1CPwDv3uFfJ

    • Score

      1/10

    • Target

      libsodium.dll

    • Size

      323KB

    • MD5

      1b3a0b66a70b6b74666ac923fcd20d31

    • SHA1

      52f0c36087a4260688edec6577590b376b4700a3

    • SHA256

      3638b6d7cdd4828f5e53a314756b88f19da36aaa812eb6889a10f3f55860b85e

    • SHA512

      fc28b60a32ef3362573022f5ba08fb48c037086a57b77d38ff01b87af69ffdf1e8d4d6ef69b63852d71cdc9a0f6153d632e9fe1c4f69b67c83ae5a9a54835179

    • SSDEEP

      6144:htoTifGdN3JVghfnfxKEh15YILfR5vzzFiKMoJwV50DErmQeX:PoTifEJVyt5YIDbz3D

    • Score

      1/10

    • Target

      libssl-1_1-x64.dll

    • Size

      670KB

    • MD5

      92d8f738dbe91bfa0ce88c7681035a05

    • SHA1

      4fb6310a22a5964fd748b326d612539946e14f13

    • SHA256

      640212220e73b2e2fd7ff2c08faf8d66fb5b9387300c0bb12a80379fda7288b4

    • SHA512

      2b554a381c404f082053ac1f86fa8de300d3a879f9e4ce6aabb8a3f393a734151ebb763c76f709e7bc7a32dd0c41de3817ddf41fc02eabce10f90a38a961cb20

    • SSDEEP

      12288:VfKP4Afz0RoezGbrfOZTpUG/zeZxeNEZ2LiR3inbwciXd8wU2lvz+:wyzGbryogLiRmiXdBU2lvz

    • Score

      1/10

    • Target

      opus.dll

    • Size

      386KB

    • MD5

      c228e20cbbf036f374756b8c75fbf8d6

    • SHA1

      b4bd4fe9a3f290a088b496823b4a806fba451137

    • SHA256

      c740a704598d6c4bb550ff660cb531d98a62b8c182cc48318ef8756f407b5ae7

    • SHA512

      a326bc13f19e50644d1d0d3665e075a7bc832dd68eea66c5b23713c26143cd1411c6aedadbee718eee08566c8e699d1de59b4e1891eaebc49d865f98b521cae8

    • SSDEEP

      6144:mbEloNvDkihx3MmI2gFo+Pzk41CqKUC2TxoiqEHUl3rZ1AQY+MZl8zz+0/uWbBm9:loD3MDD0iqk6V1AwE8zz+02lj

    • Score

      1/10

    • Target

      zlib1.dll

    • Size

      85KB

    • MD5

      b88fc4d41ac25f367a5fe5ee0286de22

    • SHA1

      124017096d4c571b3f835af4d7e9b158a4abe4cb

    • SHA256

      b98933d985116fd71869b879604347cfb630d1eb4b9eef16454913d251021502

    • SHA512

      824df2a012b18e252a90177d2f3ab5a43272609024b72790bd249f981e7fca4f28291ab3e4cee06c26e189ba42fa2115648fc725f49a91666fae59bc022c68c8

    • SSDEEP

      1536:8THRfzojvOeiRMPrpbAE1ApOal2qk0M2OnToIfUIOcIOYuWq3sf:8BzojvOeiRMTtAEepOT0fqTBf6SYZq3S

    • Score

      1/10
