Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Shrek-Tools-main.zip
-
Size
13.7MB
-
Sample
240324-s4fchade55
-
MD5
14ea5041ac9d7c347144a6ca4d44b9aa
-
SHA1
5533c4956846183b7e5225a90fd75567bef08f49
-
SHA256
faa62297a098197a2704da8e60897f317c9e02e7dd2b7c1ff4399789c7f75bfd
-
SHA512
4d84d06fbb97e68ec743dc79d13eca37a88da150603a02e36a58f85a1c64793a1d00deb20ad48a3bb8cb90f509fe84eb1d0ab07f0bfbfbb80c31f3e02dec7100
-
SSDEEP
393216:DDbU+dDoz6ij6Ta+Hre77pVOi8FBzepKDqzg0ykwRuJNkrzrbuewcV:XbU+4F37B8FBkKDq8kJ+zBwcV
Malware Config
Targets
-
-
Target
Shrek-Tools-main.zip
-
Size
13.7MB
-
MD5
14ea5041ac9d7c347144a6ca4d44b9aa
-
SHA1
5533c4956846183b7e5225a90fd75567bef08f49
-
SHA256
faa62297a098197a2704da8e60897f317c9e02e7dd2b7c1ff4399789c7f75bfd
-
SHA512
4d84d06fbb97e68ec743dc79d13eca37a88da150603a02e36a58f85a1c64793a1d00deb20ad48a3bb8cb90f509fe84eb1d0ab07f0bfbfbb80c31f3e02dec7100
-
SSDEEP
393216:DDbU+dDoz6ij6Ta+Hre77pVOi8FBzepKDqzg0ykwRuJNkrzrbuewcV:XbU+4F37B8FBkKDq8kJ+zBwcV
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
LICENSE
-
Size
34KB
-
MD5
1ebbd3e34237af26da5dc08a4e440464
-
SHA1
31a3d460bb3c7d98845187c716a30db81c44b615
-
SHA256
3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986
-
SHA512
d361e5e8201481c6346ee6a886592c51265112be550d5224f1a7a6e116255c2f1ab8788df579d9b8372ed7bfd19bac4b6e70e00b472642966ab5b319b99a2686
-
SSDEEP
768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum
Score1/10 -
-
-
Target
Menu.py
-
Size
258KB
-
MD5
59e855a423a6f89809e10390a6865fda
-
SHA1
3683597c5d2c6d09514600a75201871d8522c4b5
-
SHA256
3b32922fb900d3db652b427466d219f5144d52fbf6fb046378c477bda44a954b
-
SHA512
5b592f80f7189dd769d695deb17e5a1ca99ecddfc95c1fd3c6d62f447afb72f2f3d1b22de4fa50a472c05ffaa5a2ef3bfc7e0fd96ba386fe8d162246464fe7a8
-
SSDEEP
6144:4gegVgrQ5gSgWeOQgeoeIQtgfgNg9aCQig1gegoQZgbggQBgng8grgPPvg2guIse:lbGrQSXxOQvXIQeo+pQ/GjoQC8gQKgxX
Score3/10 -
-
-
Target
README.md
-
Size
2KB
-
MD5
e55b1faff302e27929da70306c823ea3
-
SHA1
15cbbef17985094d5fcc99da18cb9330f9e9aa17
-
SHA256
f99c145b60f4c21272ae84b5a28c199952e903c9633589cdc1b1b60d524e18d9
-
SHA512
b986ffe800e39ec48c96d8078d8d52574a7f940cc773c907d3a9a40d656be1209be00dae6917db0030920d5160040df44cf6029a085c8b2452cb4b0b35983828
Score3/10 -
-
-
Target
Setup.bat
-
Size
508B
-
MD5
47295fab57c880f25e3ff34bf130aa6f
-
SHA1
a58d4ee7e731e72637b008e5ec6bf9470c4c31cc
-
SHA256
f6b3cf2ccd1bccea21f5872373dc55ba7999e0cd50f2617a62b60423ac8680c7
-
SHA512
993b90a914a70458da4c8712e09fb5c8ae3fde1e2571369f961093d0f374d753f8a289bfa553f51ad67222f5f4a5504bb7aed068e5f4295b8cc283e1294d5415
Score7/10-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
chromedriver.exe
-
Size
11.7MB
-
MD5
7f45280701af0b75eab76f41a39cb6a8
-
SHA1
e9c81ea041cd2187448f4e5560eafda1e229a0fd
-
SHA256
0a80a3bb252a5ce730a384ddb71d73799bd82d89144a73da930ca296e10be67e
-
SHA512
fd3487e8e65d5c86e06c38410d97030c47e3d8620eda36b92a60ee3234d3157989b40315e1eddfdcaae435d0f4386bdc8a97d6c2e703e25ce91319d72a07cc1e
-
SSDEEP
196608:Em/gCQVBvGc8mkijo3hVoYYo/giRTxkS8uBb3V75rbFErndRu23rR21G70iBRqGC:J/gfGhijo3hVoYYo/giRTxkS8uBb3V7I
Score1/10 -
-
-
Target
data/Member_id.txt
-
Size
1B
-
MD5
68b329da9893e34099c7d8ad5cb9c940
-
SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
-
SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
-
SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score1/10 -
-
-
Target
data/channels.txt
-
Size
1B
-
MD5
68b329da9893e34099c7d8ad5cb9c940
-
SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
-
SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
-
SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score1/10 -
-
-
Target
data/groups.txt
-
Size
21B
-
MD5
1c663ac3e9e3d540f170d7dd95bd7721
-
SHA1
c3e2b7ac24338a995c255396b4c268bd91d50346
-
SHA256
3dcfd8156f1bb8980c7b92e5dec444a718ec27ad5ceca5dfc72a6bb0eca332c6
-
SHA512
10118243651ff297c964a7bdc1fa1868ff943ff36fb9c3540ed72e409f7fd7f1fc13ed4e0e0b4c704e9fe2d5fbc788131ec4cc3c3d0d76a9e3ddcd82688addd9
Score1/10 -
-
-
Target
data/roles.txt
-
Size
1B
-
MD5
68b329da9893e34099c7d8ad5cb9c940
-
SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
-
SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
-
SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score1/10 -
-
-
Target
utilities/Plugins/AutoLogin.py
-
Size
2KB
-
MD5
227fc2a4749503dd94db2af49596e2cb
-
SHA1
d288c22c357c92150cb8c5d5d1ff2957e8140ff4
-
SHA256
e3fdfd067b17c01f249fa7eacc8a62f531106248cfd45c57934ae3ef35658377
-
SHA512
ca55d6afda00cb26e554f3510d53cf8de5ea62733610999730212edaf3606d047cc2e8b66157e7f07acbb4696900bcc183b3fc40995fd8fb7ba042d699cbe117
Score3/10 -
-
-
Target
utilities/Plugins/DdosAttacker.py
-
Size
5KB
-
MD5
322b831bb3aa3c10ad8ef9f5512a46e4
-
SHA1
a77110643e12e76b4db081966bcb67eab0568030
-
SHA256
c425bc15f4a65d8fd1d6bf752d447159b821f6714d8f26fc967f9e420784003d
-
SHA512
4a5364102d15faf505bb4d99addb06e42639f888c4216d22c23cb88d4e41444c7cc219c28f58a9618bd6e1c9ed4405bb8c8fcc3436f7f10b7ef4db474fe2185d
-
SSDEEP
96:FEGFTSOfUg4en5/TwJ0eMjz0o0UY/JvzKncqhyegYQ0dG//7SaYYvogmhCX2akIV:GGZuWn5/TwJ0eez0o0UUJvzKncqhyeg5
Score3/10 -
-
-
Target
utilities/Plugins/QR_grabber.py
-
Size
7KB
-
MD5
6a5e6f01893a452e5b55e7cb9e55c88f
-
SHA1
cabd65dc9e6d3bc0ee84211abcf9dc6c95e31d62
-
SHA256
5dbfa2966cd0b582de5ca461b6bcd8e12af81ce8e4b06a7c4e4a83823241f4d4
-
SHA512
f0e702dbfce5b4e581e78d730a332cb59d4fdcacc7fbeee0f0078f5235947b3a49e544c7aed8c57462fe95bb33db166fd6793d2052dc62abc71a1c869f32cad8
-
SSDEEP
192:AgagQPmRnlRmNRUimKgZYpMbMQVQl3xfxu:AYxlwN+i3kYawl3xfxu
Score3/10 -
-
-
Target
utilities/Plugins/massreport.py
-
Size
1KB
-
MD5
01a7bcdf1b8cb8dff06f587bfce1ddab
-
SHA1
bd8cb797f7c026c0952bfe4e0be44568d7439d2d
-
SHA256
3cb927b69fe6368bc5cdc326aac649554d73a84c91efe4bbd389d7d13147d3c2
-
SHA512
60b77955b374cb2943e28ca688f33266587fba6aaa32ca8c54afff2f4525a0f1297e62fedd834270bd0e01fdc246e332efbdddf9ebf80fb16d95737f59221247
Score3/10 -
-
-
Target
utilities/Plugins/tokeninfo.py
-
Size
10KB
-
MD5
459ef92d3240b54092d3987eb172874f
-
SHA1
7d51973b244c2e264ebc7fca37ed1bee0d8f4c8f
-
SHA256
46a1873bfe031804e854b568f7ce7e8e1ba3e3fdc0e57b28132c7457f3694077
-
SHA512
6b064ef3076b909836c71ec36447061d61e3184b2f1acadfdc6ac0261850b5a0cfbef9bb80c4560ad7f5b7619964fb7cffe582719295eab36e490b3d3de79b6e
-
SSDEEP
192:Sv/Cgv6oQ305QC1nwCeyd6qip6d+8YVCA9ah32yrmKcg:S3CcQk5QC1nwCeyd6qip6sZVCIah1eg
Score3/10 -
-
-
Target
utilities/Settings/common.py
-
Size
17KB
-
MD5
7f78c07872a53c586fb61275fe49f006
-
SHA1
012e700837c1fa99377938e36ee2a95f40260a58
-
SHA256
999f6eca783ce45df877c7e8e027806b4f19c4616dfdd8e337388970fb9d075c
-
SHA512
2fca14ae0afd4372bf09f33873194423e23fb6254ad5dd0cdee07c4c76b323cc32005df56c907408aa3c97515a4b780971b11024089ce32da4b800dc45ebb7a3
-
SSDEEP
384:3x+pRW+EYBxLZEzpV5iB8Ja3omAbCDR3ItZp:3x+zxEYBMpKia3omAbCR3ItP
Score3/10 -
-
-
Target
utilities/Settings/common2.py
-
Size
23KB
-
MD5
bccfbf95ed5079b135eab48395ff6e5b
-
SHA1
b08f549c1b2c9740f2802a6458127258d5d5d29f
-
SHA256
f43bfb88c177a41b5c842ab84cfe23f78782746d250bdef78066c6d567410e1f
-
SHA512
c5537b2b76fc19dcc34d7ffee0829f4e35299e94e5eb4577a0e9571a78de96299cfdf18f17be1d926e6b064c99f7455a119bc4c2c035a9cde577d03d2f9436a7
-
SSDEEP
384:3imxtQvPkft5xeoQTAPRhwSAHZh4Gopxp7TiT3TBTmQT7WSE2TStKmKI1xmKI1q:39LQvPkrxe/APRhwSsZhw5XODtt7/rmj
Score3/10 -
-
-
Target
utilities/Settings/libarys.py
-
Size
5KB
-
MD5
696f535444e0cff335a95930ebf63d90
-
SHA1
6ef10467e7a25b1a6f441d75d5584c569d1f7d36
-
SHA256
df597e1bccf9909ead31a2c9b4c535021eb12b5f8a1a0c607a4630fd1e9c9aca
-
SHA512
d3cf09f60c4ce63804b7f38c3687028c03885703db1b97a73d5ecd97d9ae89d24968c2ff9563ed2b944084e5e6ec70f1b13181d831a7f966d73936dde57c821a
-
SSDEEP
96:OkHRqUXKp8MQFzmYxeRwj3RFTp7b2ETIp9tgPKcfEBWVPFcGIX++01QVEBW0w:OkP1RfbVTStY+WVP6tXAzW0w
Score3/10 -
-
-
Target
utilities/Settings/update.py
-
Size
5KB
-
MD5
a328368a010ff18f3d6db722d1edf4a3
-
SHA1
72b89d9bbde5dff9260ad3be9b5a1db9d7076377
-
SHA256
f5213bf4f34daa352d7ebcccc273370987167a886dfee82409b5de3e07648228
-
SHA512
b376673561c9545c2c98214b23eb308fa3a4317fa33d680338b2bae844c34fb9d07caa28945f948fd91818acb248908cb24a59dc56a87b8421b5149432d1595f
-
SSDEEP
96:T2pDxHF+YNXjq/HH32HQ1f5wNrGVJxS+1sontIdjsFj:TwG/HH32y20jV
Score3/10 -
-
-
Target
utilities/Start.bat
-
Size
34B
-
MD5
c24add9b40129d29c40e5fd94ccd1812
-
SHA1
6a9c4c822f6aa8a46d5e6a8c5c7c09eca83bca80
-
SHA256
9df81babbfd6f7054c60943ad0179f0a74ef814080252554f8f4e97fe5a790eb
-
SHA512
c93373a9a2a4cb4d83c7579f9c3cb82016542e904310f073cd39f5b20ca349efcb3359d8976d6d01c87d613ce8c31cb99ad19c35e96b9721c57b4d0ea1715789
Score1/10 -
-
-
Target
utilities/assets/Pyinstaller.exe
-
Size
7.4MB
-
MD5
d65501677348f17fdc707944cb25f6e2
-
SHA1
91b65eb378080a69b01d7250c3a82d405bcd722e
-
SHA256
26b86d35e15fbb346b9993474ce779282f8f6f3f14bbf4253bca24c16e621027
-
SHA512
8a57b95953a81b10f46987e3440cadda4247b451ab7a636591bb5f8fb5ddae3566cbd9eb5a5392efeaf1ac8600e7200a369fd00b94af737b974ae5fa172d0896
-
SSDEEP
196608:LqrEzYRrLkgLjv+bhqNVoB8Ck5c7GpNlpq41J2tknS5CUn4qW0d:2PcwL+9qz88Ck+7q3p91JJmX4qW0d
Score7/10-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
X�p~�p<.pyc
-
Size
1KB
-
MD5
2d981fee16b7ba47942658cb41636bf2
-
SHA1
a497214f8c1f717001812e85585a281f059c373c
-
SHA256
f29aa7d079f54c9b41768d74fd9dca376222f71f8a8b7535a271d93bb01ce473
-
SHA512
3d0b93d55d753e06215315ed345bf32c15706719030f5af240f5f8602fc0a7255ad128c57f79cb8413752b92a19ac38e02d53e89b53c271437f47e9201e44208
Score1/10 -