Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

MyTimeShut...14.exe

windows7-x64

7

MyTimeShut...14.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Comdlg32.dll

windows7-x64

1

Comdlg32.dll

windows10-2004-x64

1

GetPc.dll

windows7-x64

1

GetPc.dll

windows10-2004-x64

1

MSCOMCT2.dll

windows7-x64

1

MSCOMCT2.dll

windows10-2004-x64

1

MyTimeShutDown.exe

windows7-x64

6

MyTimeShutDown.exe

windows10-2004-x64

6

mscomctl.dll

windows7-x64

1

mscomctl.dll

windows10-2004-x64

1

msvbvm60.dll

windows7-x64

1

msvbvm60.dll

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

yfDNetMenu.dll

windows7-x64

1

yfDNetMenu.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MyTimeShutDown2013-1014.exe

  • Size

    2.2MB

  • Sample

    240424-nvay7shd3x

  • MD5

    0a29bcca50fed1990c835e64c19e104c

  • SHA1

    5c7f45afdb47e570b32f048e52a93d584e3d1a44

  • SHA256

    08371868aba92e7e40b8c2b7684ae051d846f288ab5692eb79b4ee19c7f9a4f8

  • SHA512

    d7d59571f3440988e3445be2ddddd5da162458cad79f157c08a4d62d9720519f0fb9cc6960d3f90f6944663af014027fddbe96473d8631a0d7e4f81bd10834ea

  • SSDEEP

    49152:fcp2swKht8J39fitqZDutbT5XHPy1OCWxqWItJ4C5iA1sQFLcpmnzeRUwmxG:Gu0U39fitqZS1BP4OCRWfC5/1sQFL4Iq

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      MyTimeShutDown2013-1014.exe

    • Size

      2.2MB

    • MD5

      0a29bcca50fed1990c835e64c19e104c

    • SHA1

      5c7f45afdb47e570b32f048e52a93d584e3d1a44

    • SHA256

      08371868aba92e7e40b8c2b7684ae051d846f288ab5692eb79b4ee19c7f9a4f8

    • SHA512

      d7d59571f3440988e3445be2ddddd5da162458cad79f157c08a4d62d9720519f0fb9cc6960d3f90f6944663af014027fddbe96473d8631a0d7e4f81bd10834ea

    • SSDEEP

      49152:fcp2swKht8J39fitqZDutbT5XHPy1OCWxqWItJ4C5iA1sQFLcpmnzeRUwmxG:Gu0U39fitqZS1BP4OCRWfC5/1sQFL4Iq

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    behavioral3behavioral4

    • Target

      Comdlg32.ocx

    • Size

      149KB

    • MD5

      ab412429f1e5fb9708a8cdea07479099

    • SHA1

      eb49323be4384a0e7e36053f186b305636e82887

    • SHA256

      e32d8bbe8e6985726742b496520fa47827f3b428648fa1bc34ecffdd9bdac240

    • SHA512

      f3348dbc3b05d14482250d7c399c00533598973f8e9168b4082ee5cbb81089dfaefcfda5a6a3c9f05b4445d655051b7a5170c57ee32d7a783dc35a75fee41aa9

    • SSDEEP

      3072:VCslb9HnH/GrQ/qCFyn7dWXSQeRDBIY/OR5JrNo2CocrJbNN6N2TRqEydc:VCsB9Hu9nweRD4JZoDxtRHj

    Score
    1/10
    behavioral5behavioral6

    • Target

      GetPc.dll

    • Size

      366KB

    • MD5

      b828a71961057ce9b616e954abf8589b

    • SHA1

      03b8cbfe320dbb48da21f8ce78e932356e67549e

    • SHA256

      4880d72d654741b344a4c96c2eaf00fd9fceea6d8a33c7e0e5bd21584b843da4

    • SHA512

      088fad6bd09c1aa59e53bf36eca14423fb597b91bebaf506767f13e0daae34e97a7218ca97a786cbfda430cc0c5ce7557990991cb7fa9e77d3a63a14571de71c

    • SSDEEP

      6144:b/yw0Zk5mfZgYnhkpZsRgbkP/i0ckXydiXvWsT7qGKATj0xRYkl:+wGk5mCgZGai0/3+yuGKgwrYq

    Score
    1/10
    behavioral7behavioral8

    • Target

      MSCOMCT2.OCX

    • Size

      646KB

    • MD5

      ae47a8a5fe8193bb84ffcd338115d8ef

    • SHA1

      edbe4b85f000880ebd68239eab29fac3d79f3113

    • SHA256

      160b0cef5e9ed57c024e9b3a278e6456e849daa85d46f2b6d1450bf19fca72dd

    • SHA512

      9dfe5f65825f58e267092fac0c7d359c7bc23ef5ad90f2abb4614e88fdc6adfddfbf7df29aabf519fb8238d5efec27ea1ddc386760d4d841c657226e850d7bc7

    • SSDEEP

      12288:NbfIjagcfVS8jyvXMdXRZjhOgkpWXib26NS/KVL9yAP5eUD52v/pG:NbwjSEudhZkpWXib1NfVL9yUeUD58g

    Score
    1/10
    behavioral10behavioral9

    • Target

      MyTimeShutDown.exe

    • Size

      597KB

    • MD5

      70a96447aae0a29029a46d0b00541595

    • SHA1

      afcc9f9de90cba428a807567bf5d1dccb35c5ca7

    • SHA256

      33f36a60455eb7de886547c839d7cd52f436d7f3f57b1608ce29b7788df44264

    • SHA512

      e5ed81dec131ffda5e8b4303d11d0b24f759765638e1533f25208c7e069da2ef32c25b36a03f7f24a06cd0b02c44866106b163ea0bfb792bfb00aa0a7dd24eda

    • SSDEEP

      12288:JZgLVvlVyiIEGpzK6FSkFvKKKIKsZVZZN6EOnQEiyGP7k:gEd5pzvKQKWLZRbEiyGPI

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral11behavioral12

    • Target

      mscomctl.ocx

    • Size

      1.0MB

    • MD5

      ecc7d7f0d3446de36045d1d9e964fafe

    • SHA1

      da6b0ec081d628c33b150327f3bd16d3b7fa4729

    • SHA256

      bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4

    • SHA512

      443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632

    • SSDEEP

      24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln

    Score
    1/10
    behavioral13behavioral14

    • Target

      msvbvm60.dll

    • Size

      1.3MB

    • MD5

      351bc7471a9874acacf7d386fa8be227

    • SHA1

      ce82d1ccf593088d09694ef90e44c4ea2761be92

    • SHA256

      20cbf8835f6fd3878acacbb7868f7b95a7aae6c2c9d5d0a926337ed31378fa7a

    • SHA512

      650efe6986a8e4dadd5fe8f95812052e047421c728fb61eafaa4512b12a41bab074171a9e7ab56d37c34fe284491d5cd4d60931a004d40115ced80c4cb56bbc5

    • SSDEEP

      24576:u5gYLuvjckzS11wIJYbvsv9NZHa2kaV7UhH+CJ+oo8lsVhpRZpyi8F3qp/:uOQuvxzS11FjNkaV7UQCJ+oo8SVYFa/

    Score
    1/10
    behavioral15behavioral16

    • Target

      uninst.exe

    • Size

      47KB

    • MD5

      89da208242478eba8244dff59caa70dd

    • SHA1

      f8fb2231a9d5418e0e7493fb79c97c6d5d903792

    • SHA256

      40e7678e756ec9b60d054d60a97675300a0a762cae2a7b01a48a9f3828e4f753

    • SHA512

      93f06c9e1214f00ab5fe59df022788f5642751f31fa2875a4853c35300f6b5457170df64fec1186fb335904c2ba1e7c80145775c87da8a29073455e91952c419

    • SSDEEP

      768:PhMZ0dF4ZFvQbn+eePu3cIQGCGbiC4k42M3wJJVKBTAScjgUW:PyZMSZFvknTePMZd4k4kJJVercs3

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral17behavioral18

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    behavioral19behavioral20

    • Target

      yfDNetMenu.ocx

    • Size

      272KB

    • MD5

      791323960b5d784c75725afc7db2c2a0

    • SHA1

      b7458e04348d783bd9a8b538c9c7cfc53cab55d9

    • SHA256

      6f709c0ee6cca66193805eea8dcb9552124f1b25d99fb9c18833b1432a025b72

    • SHA512

      6f2d9d5d80a933676a621c1e60e9ba58e1a43439a6135936afe4487ea0f82f108c629898f45b0da980541efe80989664b981189353969a4c9bcc69d14a02f944

    • SSDEEP

      3072:Eg45tAqX+3QhpviHm2hhooM0Cs+xnUFQO/6mhg/5XfoT/Lbn8aCFm:Eg49+38xiG2hho0CHO/6mhOVfobLnC8

    Score
    1/10
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks