Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Orbit_04.1...Lh.rar

windows7-x64

7

Orbit_04.1...Lh.rar

windows10-2004-x64

7

Free Cheats.url

windows7-x64

1

Free Cheats.url

windows10-2004-x64

1

Free Hacks.url

windows7-x64

1

Free Hacks.url

windows10-2004-x64

1

Orbit.exe

windows7-x64

1

Orbit.exe

windows10-2004-x64

1

Orbit/Disa...ty.reg

windows7-x64

1

Orbit/Disa...ty.reg

windows10-2004-x64

1

Orbit/Disa...st.reg

windows7-x64

1

Orbit/Disa...st.reg

windows10-2004-x64

1

Orbit/Driv...er.exe

windows7-x64

1

Orbit/Driv...er.exe

windows10-2004-x64

1

Orbit/Sams...ar.ttf

windows7-x64

3

Orbit/Sams...ar.ttf

windows10-2004-x64

7

Orbit/Smal...ar.ttf

windows7-x64

3

Orbit/Smal...ar.ttf

windows10-2004-x64

7

Orbit/Weap...ar.ttf

windows7-x64

3

Orbit/Weap...ar.ttf

windows10-2004-x64

7

Orbit/Win10_22H2.dll

windows7-x64

1

Orbit/Win10_22H2.dll

windows10-2004-x64

1

Orbit/Win11_22H2.dll

windows7-x64

1

Orbit/Win11_22H2.dll

windows10-2004-x64

1

Orbit/Zapp...ar.ttf

windows7-x64

3

Orbit/Zapp...ar.ttf

windows10-2004-x64

7

Resubmissions

20/04/2024, 08:03

240420-jxzm5acg3z 3

20/04/2024, 08:01

240420-jwh9racf9t 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Orbit_04.19.24_mEU75yLj9OCJxLh.rar

  • Size

    722KB

  • Sample

    240420-jwh9racf9t

  • MD5

    75a862c385c872448d610b6abfb2ab62

  • SHA1

    40299153d4266dd9a6232df5309f348b2d0dc7f5

  • SHA256

    67453f543db5818fe7cb2eff9a09f8ec4df4d0217ed1c5fc86a61f245dedd345

  • SHA512

    32e5a6ca5986a6ad95a4d44259dff24c7bbe36e9ef3c9fdfe69e2420b12d7a616a609aabc24193a2d50501123da940ffe623e71caf2671db81854d13a77ff390

  • SSDEEP

    12288:2JQFPS1FwhumWw6d1r3L5c3LUh89HXx4SRBmNcR3ZlPe3UyQtZQ:YQFPS1F5mj6dp+YCHX+SRINcJZ8kTtZQ

Score
7/10

Malware Config

Targets

    • Target

      Orbit_04.19.24_mEU75yLj9OCJxLh.rar

    • Size

      722KB

    • MD5

      75a862c385c872448d610b6abfb2ab62

    • SHA1

      40299153d4266dd9a6232df5309f348b2d0dc7f5

    • SHA256

      67453f543db5818fe7cb2eff9a09f8ec4df4d0217ed1c5fc86a61f245dedd345

    • SHA512

      32e5a6ca5986a6ad95a4d44259dff24c7bbe36e9ef3c9fdfe69e2420b12d7a616a609aabc24193a2d50501123da940ffe623e71caf2671db81854d13a77ff390

    • SSDEEP

      12288:2JQFPS1FwhumWw6d1r3L5c3LUh89HXx4SRBmNcR3ZlPe3UyQtZQ:YQFPS1F5mj6dp+YCHX+SRINcJZ8kTtZQ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      Free Cheats.url

    • Size

      113B

    • MD5

      567d372cc85fe291e49aa522b0a91e02

    • SHA1

      214a2b068e66ccc8b38768a6871e945a55333ada

    • SHA256

      72407f11c29ce3fd79be553c3de50239c04ae8932d56ad2a6bd2bfa55111d96f

    • SHA512

      7c70c497739a65350136ba31de5f419d0d7a559b58267807e6de3c6e9cf08f2bfcd30cd428365b586c3e73432a78b0c7b39952b3b70b6e4de12e3f59f96a23c9

    Score
    1/10
    behavioral3behavioral4

    • Target

      Free Hacks.url

    • Size

      112B

    • MD5

      ba5fbb2a8152c55a72e671550c24c0f3

    • SHA1

      b484d287e062c3a26f2f439d460d90ebbac7fa98

    • SHA256

      042bd1ac74a622aabe83c60b74c0813a2303903080ac82614c535c97d4db5ad2

    • SHA512

      3041b66791e7b2ff63ade425ff2e9f10c212abee7d1c1fb34de72b07892b2e35650df4ebf494df9b6937f99e9d81a95e46c0849ef7caf329ef2881f2b102c5a2

    Score
    1/10
    behavioral5behavioral6

    • Target

      Orbit.exe

    • Size

      1.2MB

    • MD5

      ca059a2f6fe8b071e1363d9d5efce2c8

    • SHA1

      28345605350f793ed919d86a65ec8aa12bec88b6

    • SHA256

      57e424419fb1d5415b5d14b97f26afc69b31be8c5543d9ef5c34f9ec8e838523

    • SHA512

      b7dfdcb7b26c44654c4c77d0b69063288a7906215cbed8f2678e6a90e78549eb572f7005991e620ffda9ac3ed9b305d683998cbe6ded1a21b0f78d1c10d36833

    • SSDEEP

      24576:LH8aOH+M1jLQh5I0+TN0+2uMe5gZ/+nyqVi:Se+L3pTSBenB

    Score
    1/10
    behavioral7behavioral8

    • Target

      Orbit/DisableHypervisorEnforcedCodeIntegrity.reg

    • Size

      173B

    • MD5

      dd243eb0a44f50ca37d79fdaf301d98e

    • SHA1

      e75417c31ad7e11e248180277532a7644aad3f15

    • SHA256

      86554a668bec8cda1dd60c3256ab0eba14251b8bd9958f5bd7bb5109dbf63e83

    • SHA512

      fd927c3918a6bad0fce12e9d63fe8d3cdb82664f7e7c522d9b09e9d5cffd2f9fe968cefa83ead42185348523bf7eb7c8d3a0a0389c9858069bf25d09a638fdea

    Score
    1/10
    behavioral10behavioral9

    • Target

      Orbit/DisableVulnerableDriverList.reg

    • Size

      155B

    • MD5

      efc53212201c2dfc033dd1f86fccab58

    • SHA1

      3e539ce67bca171b2cf16c2dfc84f8555e87e8a6

    • SHA256

      555e773f0cbc2178e71259bc42ac325761841f25ef6ce4eb9ce6bc9f55176f64

    • SHA512

      3bcc15b08325921358d9a6113e0a8f08cefd7093e4927aeb2bb2fed4761ffd539c6ea9358101044dc0d443b9e79c69ad7f582300b0da894ace075b549e023479

    Score
    1/10
    behavioral11behavioral12

    • Target

      Orbit/DriverMapper.exe

    • Size

      141KB

    • MD5

      8bf69edda1e10f0e935038d8299b3eae

    • SHA1

      8b45de6bf04e717ab40e54474ba269362cfe6517

    • SHA256

      e7a503f0a7bc1acf71034abc36329b1733f0b67aa6e07bd06688bfd9e333e871

    • SHA512

      2cf04f99f323b4b72038e328fd3868d5ad444d243fdae97a12eb553bcc263b0dff8b43406ad4619938890670aae19a7640605c04ba2b8612fe1cf0637a1a0223

    • SSDEEP

      3072:bWN6o/h7LjD4doNPjUhGu9rrmJTQSaMm5/6NnCI5u3HjJu:bWNd/h7UdHgWlqtIF

    Score
    1/10
    behavioral13behavioral14

    • Target

      Orbit/SamsungSans-Regular.ttf

    • Size

      232KB

    • MD5

      c5de1e4ff3008e2173147dcaaa45bc9b

    • SHA1

      4d912a5f84d3cc776c0f8e99a7f1153a1a4859e8

    • SHA256

      d358c1d91f8dae7cfc22e588c62753a5332269d4d14a7d4e721febcf3386331d

    • SHA512

      2e0757e2ca5e3b478ff8a9285701ecfb0f971809f184f29eded40ed69c0d4817ccc97ccd44414a57d0ce677c7b03979d1bdfb16cba828f8cf64070421733150c

    • SSDEEP

      3072:infj2y42tLwjUyBrZkcxxksc1AgdyvBmBXGykmTA9pXB3E1VFVPDoozv8vNi9ZZ8:u2y4ULwjxFZkMyyvIrfDo2Z8

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15behavioral16

    • Target

      Orbit/SmallestPixel7-Regular.ttf

    • Size

      25KB

    • MD5

      cd2242816d23dad4250f5ea159c7675c

    • SHA1

      de74028b5cdb4f3ddc5d5efb0a9b16111b5270fc

    • SHA256

      0e71338a9ae45df2ede080567cfab831627bac9a83be601521ddbace4cbed11e

    • SHA512

      5636ff40d846a824c555b076b8ea95a24a62fce9e1abb04048d529a98d62c9961ffa9f12bbd38caa3281f33dc10900aef3095362f34309b6404ad82fd0900458

    • SSDEEP

      384:VfvBLFj/8zVzglSHg/CxhAzxhAefWVfW0Ur2tPRGVRZ:7LFj8zVzglIAbqlPRGJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral17behavioral18

    • Target

      Orbit/Weaponicons-Regular.ttf

    • Size

      17KB

    • MD5

      1d84038477421f2cdb62ded83e2046f6

    • SHA1

      2a272a4ab4f9f8a2a0040359625d42524595754c

    • SHA256

      298c90b91c908e56e3ae708f094ca76b00a7867318631673cb0cf54961179d43

    • SHA512

      5873d92218f0e29c56495e80e2d2b081ef3e05f20281fe4e06fa5587c7a5306c655aea45195dd50196f29a468273018ffb500a330e8f89ee7b1497a9dac614af

    • SSDEEP

      384:uRylW+Jh2kpxDuh0Wp9ntcKAP3SMUbRBhksSE5uBtRYq:jlDpv0nqKACHSEAxJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral19behavioral20

    • Target

      Orbit/Win10_22H2.sys

    • Size

      6KB

    • MD5

      d54c0615043acef5031901227463efba

    • SHA1

      27de864ea4533ad9d31d0a2036617d6addc26f83

    • SHA256

      af05cc91b5a9b1b5a011b6084e9b139f16200246e1d1abfd64b4983a0a0c0840

    • SHA512

      effefb26f4a6cdb9deb6a2010c3524a3646ee682bcf977852e62377445258341b6207bd5613bab12dda492c9a53da1c88c2c22ae153ded885968db3595c88a63

    • SSDEEP

      96:nq8Z7G07mJh3aWa+76lWzRueg6SB1eDz/G7UaYPYcxMIPTvcQGE3J:7Z7GKDEvE+yeDzoYPYmPv3

    Score
    1/10
    behavioral21behavioral22

    • Target

      Orbit/Win11_22H2.sys

    • Size

      6KB

    • MD5

      32063918951821d3ee6e060a7c8e9788

    • SHA1

      0ed03d1d01038c781c603e4524362dae08172603

    • SHA256

      ee7420c3eafb05952bc26cc56caa3b901c5bff8070c533e9c5115d36891d3859

    • SHA512

      e469f2a600975dfa7e2f1cd0d1fd64ab2b83009b7b29164d18a80e47c779ff058de86e6dc72297583a00c9285ca8a4619d476d73d9712e2eee9d78e010a027f3

    • SSDEEP

      96:nO8Z7G07mJh3aWa+76lWzRueg6nB1eDz/G7UaYPYc1MZPTvcQGE3J:3Z7GKDEvE+PeDzoYPYLPv3

    Score
    1/10
    behavioral23behavioral24

    • Target

      Orbit/Zappericons-Regular.ttf

    • Size

      3KB

    • MD5

      6171764d98cd619bc54dff71fbdb646b

    • SHA1

      578f0ae0a40c66950a87a76cc020ab22d5008288

    • SHA256

      3c5f8071d0897b8c0dd694704b1cc4c051609c98a154e88a088e8e9ccf2fa56a

    • SHA512

      52a35bde5e17f5d79fcf449b8c71243e7d51e6c984a54ae4058d460ce8bd6c4b55f474ee486e5a7fa3ddd2a9a5ced47ccd58dbd2011010d98fd69cf183f63b48

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral25behavioral26

MITRE ATT&CK Enterprise v15

Tasks