General

  • Target

    parsec-windows.exe

  • Size

    3.9MB

  • Sample

    240501-sb844she7z

  • MD5

    01ef58e7c144c701b2ea01cfc049dbe4

  • SHA1

    2f572accb519096c9ea805812ba53703c16cceea

  • SHA256

    ae5b66322e5a7c26ad21ccc556bdc1618796166565d2939142c5aa3d76c38ace

  • SHA512

    434fd6d4eb49669617da3a15c2239a2cf524624cc4fcf9f09d8bb78a40ddf2dc5e70105e6708ce7643448f3176301edd64a9b71244c179a836119532d7dd69a6

  • SSDEEP

    98304:QsSoMQnPLeMNCvYa59QKS7XnqSsAVlsX4pIDmjjcrhm2NGbUU:QsSByeMj04VlslQsm2NK

Score
8/10

Targets

    • Target

      parsec-windows.exe

    • Size

      3.9MB

    • MD5

      01ef58e7c144c701b2ea01cfc049dbe4

    • SHA1

      2f572accb519096c9ea805812ba53703c16cceea

    • SHA256

      ae5b66322e5a7c26ad21ccc556bdc1618796166565d2939142c5aa3d76c38ace

    • SHA512

      434fd6d4eb49669617da3a15c2239a2cf524624cc4fcf9f09d8bb78a40ddf2dc5e70105e6708ce7643448f3176301edd64a9b71244c179a836119532d7dd69a6

    • SSDEEP

      98304:QsSoMQnPLeMNCvYa59QKS7XnqSsAVlsX4pIDmjjcrhm2NGbUU:QsSByeMj04VlslQsm2NK

    Score
    3/10
    • Target

      $PLUGINSDIR/ApplicationID.dll

    • Size

      196KB

    • MD5

      a858c1a57e32485505b1977cf0a125be

    • SHA1

      25d86c4b51f7cc10fc70e3a0493a39c4460cc350

    • SHA256

      1462a072345e86318b981089b08b613a34027ddf527bfb66606c683f218fc3b4

    • SHA512

      32b597fc2412a9407fd12ac77c556ff9740f1dd0d2055426d11a7baf21b09c536a84cfb97865b4e94168656514e7ce71eb2bc4122aa340100f4ce483bad1722d

    • SSDEEP

      3072:2pBNN6AmU9cDlKd3P6V9nSm49WTgKg4Fa1V3FuXRAuAg0FubA9cVsL+73:2pzxmQ3yL+9MgKbxAOEXY

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      6c3f8c94d0727894d706940a8a980543

    • SHA1

      0d1bcad901be377f38d579aafc0c41c0ef8dcefd

    • SHA256

      56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

    • SHA512

      2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

    • SSDEEP

      96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
    • Target

      parsecd.exe

    • Size

      454KB

    • MD5

      62beb668110b4c5ddad09bb20d921cb6

    • SHA1

      f3706372c01d1e607ff8c605307de6ef2c26c1a4

    • SHA256

      6f1be9e26e403a885cc3b1ff0e4dbecbc96c0821119d25990c3e211564f215d5

    • SHA512

      8994c3f1c78b0a816ecf30e463af8d6ddfd0a0ce7b962cbf13e9bbd360d37a024b8ee69c76745f4c332a4786dbfb9216667b1d03c32c60a7c06e85359a2186ee

    • SSDEEP

      6144:rkdyuNAbS9p400tm61bXdCwx+3y6kR1DnjvGms7X5od0:rkUuNAbS9p9cx1rdCwh6+/+msjmd0

    Score
    1/10
    • Target

      pservice.exe

    • Size

      408KB

    • MD5

      46cd3fc327af9109bd143ba7f16df397

    • SHA1

      53d2a6bcf0d21168050b852e287c2ef62f52f909

    • SHA256

      5a699a165838c739e449ac19a52e0a05b841bcee1a27f7d348f0dd04c8e277a3

    • SHA512

      d6e35f0dd4f6ef259dd7040d80cd469f27eb460836a4c767d40678ce82b46ce4c38b329c0cf3b41236cea2f0333f94669cfbef05ef484d91035f52ad4c1a5ca3

    • SSDEEP

      6144:qaoZkv+B1x9heMY32Z4iZDzDJGjvGms7X5Hm:4Zkv+B1x9cMu2ZzS+msjZ

    Score
    1/10
    • Target

      skel/parsecd-150-93b.dll

    • Size

      3.3MB

    • MD5

      1ff3e1349edd37a206a97943731045c4

    • SHA1

      6d1cfc0c0b26191385cb27149433e743b74d479a

    • SHA256

      b43debe8105cfd4e2c8f81599497ad4ad38640f19a64f9e530e7d2f64662bf6d

    • SHA512

      80f91692c22587e76e26c7ca38b267493d4598bce75e284b3fef4ef03c64ef8ba91d67bb7be2bddd9624e4aa52a67bdeb4b5eac3a86a31529bb18c44f5824fe6

    • SSDEEP

      49152:UWvLIUXeaP9CAYaXaAndGk4L8jTMFv43/ruceDSbsRCy9uzY9eQoYVe0OUrVxkov:0I0jNdLrpEeD+vqBlMe

    Score
    1/10
    • Target

      teams.exe

    • Size

      342KB

    • MD5

      faa24223985abfbf64e4ddcd43f062d3

    • SHA1

      e1374dc7c98405efc5a44aa3229b97eabdd69bb2

    • SHA256

      6dc71b2e92b770dcfeca4a32c8f1787210311f731f1124754df193ec22d5d13e

    • SHA512

      23324afcb51508f5ea3f120a5787b150a8226d677c5a55fef219674b4d619fd0d7300d2b4cad917864d5f54788b9c8546db2a77aa4f0d666a956014169c4a6c9

    • SSDEEP

      6144:GAR9duE83BYjyEbU1SDgFg8EwkSdbAxD22y6jvGmp:H9gp3WjyEbU1SDAgJw40c+mp

    Score
    1/10
    • Target

      vdd/parsec-vdd.exe

    • Size

      505KB

    • MD5

      4b9a3048286692a865187013b70f44e8

    • SHA1

      eefe91d9702314341acccd828fe4edb6ee570d7b

    • SHA256

      e23332448fdaf5aa017cb308db5ef6855fac526a7ded05d80c039404126d5362

    • SHA512

      a38b9a0a1626d9f40ff2c718717a793108c7e773b25493cc53c595e6b9840cc4de66587549f43ce00569b368834327184a90d55da3c4ae0e269e1d0edef6238d

    • SSDEEP

      12288:QbLQNEFqf6MouZQqdF9zuAkDjdCjXHSZz2AKhAOYYA:QbUNEFKXrZ6ZjdFZxKhAOYv

    Score
    8/10
    • Drops file in Drivers directory

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
    • Target

      driver/mm.dll

    • Size

      169KB

    • MD5

      f09967cc8cc9bf03612ddecb6bf86daa

    • SHA1

      166f8e3000b6a1e2b13b46e85b7559b9837b9aa7

    • SHA256

      96db6ae2f950b56e52be3e68f92893afa94645eae09fea2abd5dd1985758150a

    • SHA512

      190d2edea81c42a2d7a5bc69cb98f03368e702a5fcb3fc1dcd4e9c387687bab542e4b0e5de67292e8b8a7efed7fd9e30d1efdd35bcdfea28417de71db0e13864

    • SSDEEP

      3072:3zx0G2cnU93aR9bN9m3KUrru7qqybewIvUZdRfCzzr/:3zS9w9m3KUHAVvUZWXz

    Score
    1/10
    • Target

      nefconw.exe

    • Size

      574KB

    • MD5

      e9f2bc8c82ac755f47c7f89d1530f1a1

    • SHA1

      7ce5938c4b8a3eb4de49f7a7e34972f5f2acfcb5

    • SHA256

      cf746d1b0bbb713993d4a90dccd774c78d9fff8c2ba5a054b6c8f56c77e1eee1

    • SHA512

      86ed0a391d22631da9bdc7eb9cb096ba4de4c6619c6c4326030cb03d196b63e5aa156bac264a48d5b4cda7401844a3b5050259b41859d32e0c4d39b96913c2ce

    • SSDEEP

      12288:o27GX/DYwTLMcdMcYsWpP86/6L94gsleElgEo0JFoG:o27GX/DYwTLMcdMcYtF8S6L94gslbOED

    Score
    1/10
    • Target

      vddinstall.bat

    • Size

      420B

    • MD5

      ee1bfb5ccbb3949e3258155e141a68a5

    • SHA1

      b79dd1e75e3e7acd8d21d7b17c86673a6c6383d9

    • SHA256

      1e7c35eb6c296f96aee5ae4bbbd40395e8019bde95ef9bef91260dd8ef03c6d1

    • SHA512

      b37d680f5dab52536926c718eb1b4c1f0e78552c061756f998e3a3ccb2dc4fbea15dd1a4b181646a68a2987a22ce225c185c2ef2bb1d10a70c780ada8cf9f9aa

    Score
    8/10
    • Drops file in Drivers directory

    • Drops file in System32 directory

    • Target

      vdduninstall.bat

    • Size

      272B

    • MD5

      fbc8d5e19f89dffccd165f44abf114b4

    • SHA1

      a07501ea396a4e29654352cf8ed71c7819109e5d

    • SHA256

      8f503e40a32959d9d2ee5a9e2a3da627f6ed158e6c87c47ef17f1e5d74f47b9a

    • SHA512

      08739f57b74ea457f505d416c5cc6c50539343ee33e80d76b95ca1a9b8760eaef9e97712a5824d8c22a7287c819149a6b60e6a08511e292cac71ef064ad168f6

    Score
    4/10
    • Target

      vusb/parsec-vud.exe

    • Size

      885KB

    • MD5

      2d009d446a0ba83ec2f12242f7ed126c

    • SHA1

      7e5346787e8950a8b3f17fb3f527e0f80055f059

    • SHA256

      436088a5eb416935d7bd452e4e53123c2e65b737eab7d98ebe1913618f95e61b

    • SHA512

      1a3e761f5cb3ad8b4979d60d197ab5ff75929408ddb065080d687be02a33058a953dfcb8f01e5b87332fe54cf578bed191122e57bb2f0d2fcf7a6874dfaf8a57

    • SSDEEP

      24576:Ib45b9QaRG2zB9aKXrZ6bcmH0q8qHFael5:CsuWGcjLzmUaHX

    Score
    3/10
