Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    GDLauncher__2.0.6__win__x64.exe

  • Size

    111.3MB

  • Sample

    240423-mtc7hafe68

  • MD5

    3b3684cd4409978a89e1b40da1f2e279

  • SHA1

    a2f18e924cc43ef71b67d1a7efffcdfe77562299

  • SHA256

    d847b98ee4ccdadf0a406fa42cac1de6132ed595bc3986c54e22a1b46e178aaa

  • SHA512

    b7a33061917af47b55096e890e78fc1ccd720915e3fdfd102789d6e93563ce2315ee1faa6271119a61910e019f2ed2f42fc4cf4e7952952484772bff04eba10e

  • SSDEEP

    3145728:Wwe4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXQ:K4/Yh/iHW/6IsS8LMxyQ

Malware Config

Targets

    • Target

      GDLauncher__2.0.6__win__x64.exe

    • Size

      111.3MB

    • MD5

      3b3684cd4409978a89e1b40da1f2e279

    • SHA1

      a2f18e924cc43ef71b67d1a7efffcdfe77562299

    • SHA256

      d847b98ee4ccdadf0a406fa42cac1de6132ed595bc3986c54e22a1b46e178aaa

    • SHA512

      b7a33061917af47b55096e890e78fc1ccd720915e3fdfd102789d6e93563ce2315ee1faa6271119a61910e019f2ed2f42fc4cf4e7952952484772bff04eba10e

    • SSDEEP

      3145728:Wwe4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXQ:K4/Yh/iHW/6IsS8LMxyQ

    Score
    7/10
    • Target

      $PLUGINSDIR/SpiderBanner.dll

    • Size

      9KB

    • MD5

      17309e33b596ba3a5693b4d3e85cf8d7

    • SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

    • SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

    • SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

    • SSDEEP

      192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY

    Score
    1/10
    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      $PLUGINSDIR/app-64.7z

    • Size

      110.7MB

    • MD5

      fef022a4d2784792c68978672b12007b

    • SHA1

      907dadcc811c7c11ba8c459fb4c859a57548fc97

    • SHA256

      db5c6e26d02dc24fc77145033426c3796a6c82ecf0ed203b510db1f4a1d72ae7

    • SHA512

      d5d4cbce4e17eb5b394f72038b86b55146279631cc649858be892eb77d6bbf779075ed648c4caa032ebccfcb10cf77a5486997bd47b7c845a734d5ef9f734878

    • SSDEEP

      3145728:Je4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXV:M4/Yh/iHW/6IsS8LMxyV

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      GDLauncher.exe

    • Size

      169.9MB

    • MD5

      1e78a22ba51219a321c0ffe245871915

    • SHA1

      d27ab1645110f5c9b29bf0d93775f414af9d8e90

    • SHA256

      a9c23f5fd00df04dd51c57aa0fe46cc2af8c9e523dc3183018dad093f03ab1d1

    • SHA512

      c4175a0f48042f285525c4f674003febaf385fd4ab63546502a467173a2f9bd3f66b0a233d84b685ae7dff5ccd0d986ffce5743519fb9f30db2b9a579ec6292d

    • SSDEEP

      1572864:js+fxQiW1vVzbHpUcEtmLd7cF3PPHNzLuTe7ulsxM/Gyr/w7VoB4X+x2CFRXQQS5:2e8BWNg3DFxfq

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      LICENSE.electron.txt

    • Size

      1KB

    • MD5

      4d42118d35941e0f664dddbd83f633c5

    • SHA1

      2b21ec5f20fe961d15f2b58efb1368e66d202e5c

    • SHA256

      5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d

    • SHA512

      3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

    Score
    1/10
    • Target

      chrome_100_percent.pak

    • Size

      163KB

    • MD5

      4fc6564b727baa5fecf6bf3f6116cc64

    • SHA1

      6ced7b16dc1abe862820dfe25f4fe7ead1d3f518

    • SHA256

      b7805392bfce11118165e3a4e747ac0ca515e4e0ceadab356d685575f6aa45fb

    • SHA512

      fa7eab7c9b67208bd076b2cbda575b5cc16a81f59cc9bba9512a0e85af97e2f3adebc543d0d847d348d513b9c7e8bef375ab2fef662387d87c82b296d76dffa2

    • SSDEEP

      3072:IOzwJCGIekwdLpsXYFAXg6IL2o418Gb0+VRLf0ld0GY3cQ3ERVm2I:IOzw1Iekam5QpK18Gb0OV8ld0GecQ3Ey

    Score
    3/10
    • Target

      chrome_200_percent.pak

    • Size

      222KB

    • MD5

      47668ac5038e68a565e0a9243df3c9e5

    • SHA1

      38408f73501162d96757a72c63e41e78541c8e8e

    • SHA256

      fac820a98b746a04ce14ec40c7268d6a58819133972b538f9720a5363c862e32

    • SHA512

      5412041c923057ff320aba09674b309b7fd71ede7e467f47df54f92b7c124e3040914d6b8083272ef9f985eef1626eaf4606b17a3cae97cfe507fb74bc6f0f89

    • SSDEEP

      6144:QsDQYaSN6svydHLhQegx5GMRejnbdZnVE6YoppO4:QBfSN6svydrx6edhVELoXO4

    Score
    3/10
    • Target

      d3dcompiler_47.dll

    • Size

      4.7MB

    • MD5

      66b5abcddb20803baf35f94a64f00a55

    • SHA1

      ebf9c371416031dae0a7df00c2d2fdf5804a5411

    • SHA256

      43a59623714b85c09fc9df78e24cd33fcaf1b160daa338eb95069f45ef3822f0

    • SHA512

      0f5c0ea3cb4e8a11b1ac98e6723c4ef22b399c90df4a3b9ee782f974092121e8b5bd4af3d75ee479e3b9528e2e274f7fde794ea49690fcbcdd2645e26cfbfb29

    • SSDEEP

      49152:qCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNe:RG2QCwmHPnog/pzHAo/A6P

    Score
    1/10
    • Target

      ffmpeg.dll

    • Size

      2.8MB

    • MD5

      59108b1cd0f923babc1e237e84834111

    • SHA1

      b77bbd053d05f9eb7acf6a84c57be05846fe00e1

    • SHA256

      8b8d4beeb676935ab0b619b1ad3a84d9d37bfccb2ae812e42669b8d069f8de63

    • SHA512

      f8596567038d632497c77bfc6aab8ef0c01023fd2ae0abab7e33260ff9afd6bb882da62675e88703e53dc731a47bb74c235d56c97802b3d351d1e12e055228ee

    • SSDEEP

      49152:qPDtyvMYqXiOamQ7NyjmnMDbG7OUx7n6mfu/oB7pweIcgsxqeUsn/ud:QSOqNIoQG7OUrd/xKsn/ud

    Score
    1/10
    • Target

      icudtl.dat

    • Size

      10.2MB

    • MD5

      e0f1ad85c0933ecce2e003a2c59ae726

    • SHA1

      a8539fc5a233558edfa264a34f7af6187c3f0d4f

    • SHA256

      f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb

    • SHA512

      714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28

    • SSDEEP

      196608:hpgPBhORiuQwCliXUxbblHa93Whli6Z86WOH:n8wkDliXUxbblHa93Whli6Z8I

    Score
    3/10
    • Target

      libEGL.dll

    • Size

      477KB

    • MD5

      914e207a064cd85fe565b4e8adbd44f2

    • SHA1

      72c6770172b0645418f40c8595d4a2b7689c0743

    • SHA256

      5993b7f7291793b1af2ee7c45c985564cd1331a30d9ed378a2982e14fbad750b

    • SHA512

      8ffd73c89e8bdbcf8166df16334284b0d32fab894ca708dac8889d89bc59f640dee58a0434cb7b1fa93dce126c541815f976bc25eda0c8c7236a78195c237749

    • SSDEEP

      6144:TuF2DwTNCKxOUxcfDVTyKH/VbPGtWQAOWIBtuKYbu7DBi:qDCKsAcfDVjktWQAOWIubgs

    Score
    1/10
    • Target

      libGLESv2.dll

    • Size

      7.5MB

    • MD5

      46cb552ac7fef22fa1f610b7fa3d3feb

    • SHA1

      d40559b1d09ecd7da5c1fff459dc06bf64bad3c5

    • SHA256

      90b9f900cdceb04a9a5d1fd124e7b4f424c15cdc12e8d340f26b7eefc8238ce9

    • SHA512

      e6a61b657c5033bacf464f2b585bbf6247b7efa7cee3fe343b6ec3adfa8644b4a6d2c0125824c935d7944d5b445a9d2f1a6c7ba6d72be7cf626b6b75e663ca9d

    • SSDEEP

      98304:2YM1bKnyhXV3X4Nf/eW74heor1up6sDCpaXm3TV4:2L1jlX4F7ivuyUCTV4

    Score
    1/10
    • Target

      owutility.dll

    • Size

      1.5MB

    • MD5

      9b23fbe15c5ebb0d09b901e1e139f97d

    • SHA1

      730807444686f38dc92b1c47ccf1f524f3277f60

    • SHA256

      99f69191760484ee8aacc5c453f1b14b8c977da312e91dd34cdc6b254872ed43

    • SHA512

      30dde82199d53c7cace90faa4f6e2e4725a21f881b99d27f347ddaae75b5e1af5a351c0ac2adca535489dfc59de7cfd379cf71270dfc6f975e167996e840262e

    • SSDEEP

      24576:cCRhljMyiAfrZF++n6iJLDMj3M8s2MmSVbnMAugm1UplhBwPTPxyvew:cCHlj5ZrZFnn6iJ8j88sUSVbHuLShq/w

    Score
    1/10
    • Target

      resources/app.asar.unpacked/node_modules/@sentry/cli-win32-x64/bin/sentry-cli.exe

    • Size

      7.9MB

    • MD5

      052dcdab86876805e0d53e1e4a778b86

    • SHA1

      aa3b3a73c8d66e0a97b865b05ce0dfc04cef19d6

    • SHA256

      da981ef4de12d2ea9611ede14429274668fa1568632f9992871026f10adc3d9a

    • SHA512

      2e81f5a85f68129f4697133eabbdfadff83a836abb2735a475fc90a6c59813cf38caa7cc786fcaf6a71a8ce26d560f7f38d58d3672fd36cff8c95b9bbe35616a

    • SSDEEP

      98304:c8i6OjApjzwbwVJ/v6M5cU4vJYN39PzCTxrYjWTQ/pA7/tSQEr2yBGsvGovsW4E:tiAHvWAbFWTQxANEr2xYGovt4E

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
4/10

behavioral2

discovery
Score
7/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
7/10

behavioral13

Score
1/10

behavioral14

discoveryspywarestealer
Score
7/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10