General
-
Target
Assassin_X_v-9.zip
-
Size
9.4MB
-
Sample
240427-lhl5lagd3y
Behavioral task
behavioral1
Sample
Assassin X.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
Injector.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
HookerV2.pyc
Resource
win10v2004-20240226-en
Behavioral task
behavioral4
Sample
Microsoft.Toolkit.Uwp.Notifications.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
System.ValueTuple.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Assassin X.exe
-
Size
3.4MB
Score 9/10
Looks for VirtualBox drivers on disk
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
-
-
Target
Injector.exe
-
Size
8.1MB
Score 9/10
Looks for VirtualBox drivers on disk
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
-
-
Target
HookerV2.pyc
-
Size
42KB
Score 3/10
-
-
Target
Microsoft.Toolkit.Uwp.Notifications.dll
-
Size
140KB
Score 1/10
-
-
Target
System.ValueTuple.dll
-
Size
24KB
Score 1/10