Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

val/Kernel.dll

windows7-x64

1

val/Kernel.dll

windows10-2004-x64

1

val/Load D...N].bat

windows7-x64

8

val/Load D...N].bat

windows10-2004-x64

8

val/Mapper.exe

windows7-x64

1

val/Mapper.exe

windows10-2004-x64

8

val/Valorant.exe

windows7-x64

1

val/Valorant.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    val.rar

  • Size

    186KB

  • Sample

    240311-wwtrpscd29

  • MD5

    b4df83ddbd5c31e97e04ce52818b6583

  • SHA1

    6b83a6dd42fb3a3ff91f5db290d89a7d0aaa7486

  • SHA256

    763ee735000712eeacd920a5b70da5d6ac1c1f176a5dda74ffcbd286cfc20664

  • SHA512

    43796d60d2c505af9d23dfcf4ca3c3568e4eafaf849a8ef39283d6e31a4a9c1c0f1cf6aaf4ef939380aae44ef775dc05fe8febb1815951993f840c2c1420a69a

  • SSDEEP

    3072:uMmu6Q6/sjB5zlBQLJJzqw9hhmwQMCNdAJgybY2GWiM3J2Qi+NecmioxmgA9d1:uMbf60XbS1l9QLNdAJgyk29i4JTi+SYt

Score
8/10
persistence

Malware Config

Targets

    • Target

      val/Kernel.sys

    • Size

      6KB

    • MD5

      bccd8eebb6234ff50400d4ac2e76c901

    • SHA1

      cd7aaf414a4da0719df2206f806e3abaa4dd0e69

    • SHA256

      73358477c611aae5ba0b1f6f691eab6aaaabddd3b5a52f4ba1ac6ab7e3f0a1f3

    • SHA512

      1e14f0982a3086d3ea72e70362609affc622f7c8218b198b472cb5cb3103513c8d0206f17a09028e9263152cd15cfd71f51695bb3eb3d91d925a260a1af6321e

    • SSDEEP

      96:N+ivi0Q8VX5A2+LVSLC+WxljLbHCvEc+KSSy8xP+U7brICi3d:N+iNl+RSMlXmvEc+Pb1j

    Score
    1/10
    behavioral1behavioral2

    • Target

      val/Load Driver [ADMIN].bat

    • Size

      38B

    • MD5

      b56b9ab3209f7b0958976644f03776f8

    • SHA1

      054c58ab6b517710776fa6ed8e20aabaf37d360f

    • SHA256

      419124eb528c4c9ddb1e3713b72be124437f5632cf0ad1cbdc5b81c52407c401

    • SHA512

      bf2515e032f3dd8885b4e8aead91dce3d46199d3dad242b8fee980b33a99def11def0f64936da7f3d456d4d376f0c3df68a4dca04b50f9cd314e99441a3d9f77

    Score
    8/10
    persistence
    behavioral3behavioral4

    • Target

      val/Mapper.exe

    • Size

      134KB

    • MD5

      34cfbe3ff70461820ccc31a1afeec0b3

    • SHA1

      5d32e91c039c9a6f723ba3c04c1179d02e6a0ce9

    • SHA256

      6ebcc6896b243c761da4fc28a26249b0c146ae17aff7697c09bc447008e831df

    • SHA512

      1ca4661be645e7e954d89c83f1fd126a5e936533052d4e330c9faccb83bb5942d28265375cee743e468b1625a0c1f10888e7957fe88c718e8501a86a78cdc06e

    • SSDEEP

      3072:rOUDtpXnRNEvhxNyatnKl9rGmJTQSaMm5/6TYfEBjgQ:rOUDDXnRNEv7wEo9WlTfYjg

    Score
    8/10
    persistence

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    behavioral5behavioral6

    • Target

      val/Valorant.exe

    • Size

      247KB

    • MD5

      0d38e569ba9f0795dccbffd5b6749ad5

    • SHA1

      e3ca20111e19cb41582da238052bfe57c4304c4b

    • SHA256

      dcbcf99bf143cb21d2a828362f64e4519d2d5f7e7411483f04e998aea896e2e7

    • SHA512

      d4c3ff627e77ee594a68215962a22ae440300165411a610ff19bbe08bca89f533e5a0df4c1ae94ec4d9b889cc6d77f014eb40531d27fc32c505010af9b329f14

    • SSDEEP

      6144:KCgKDEZTMxMQbAjrV8xUPvIC0fQ4nWUfkry8:KCQBkAjre6nTF4nWU8

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Enterprise v15

Tasks