Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

protobuf-2...or.vbs

windows7-x64

1

protobuf-2...or.vbs

windows10-2004-x64

1

protobuf-2...ts.vbs

windows7-x64

1

protobuf-2...ts.vbs

windows10-2004-x64

1

protobuf-2...or.bat

windows7-x64

1

protobuf-2...or.bat

windows10-2004-x64

1

protobuf-2...ate.py

ubuntu-18.04-amd64

1

protobuf-2...ate.py

debian-9-armhf

1

protobuf-2...ate.py

debian-9-mips

protobuf-2...ate.py

debian-9-mipsel

protobuf-2...rk.vbs

windows7-x64

1

protobuf-2...rk.vbs

windows10-2004-x64

1

protobuf-2...are.py

ubuntu-18.04-amd64

3

protobuf-2...are.py

debian-9-armhf

1

protobuf-2...are.py

debian-9-mips

protobuf-2...are.py

debian-9-mipsel

protobuf-2..._cc.py

ubuntu-18.04-amd64

1

protobuf-2..._cc.py

debian-9-armhf

1

protobuf-2..._cc.py

debian-9-mips

protobuf-2..._cc.py

debian-9-mipsel

protobuf-2...tos.py

ubuntu-18.04-amd64

1

protobuf-2...tos.py

debian-9-armhf

1

protobuf-2...tos.py

debian-9-mips

protobuf-2...tos.py

debian-9-mipsel

protobuf-2...y_c.py

ubuntu-18.04-amd64

1

protobuf-2...y_c.py

debian-9-armhf

1

protobuf-2...y_c.py

debian-9-mips

protobuf-2...y_c.py

debian-9-mipsel

protobuf-2...rapper

ubuntu-18.04-amd64

1

protobuf-2...rapper

debian-9-armhf

1

protobuf-2...rapper

debian-9-mips

protobuf-2...rapper

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f_00b2e3.zip

  • Size

    6.8MB

  • Sample

    240507-m27fbaff88

  • MD5

    733e0b7aeaa0f32e7f2115355dc1e67b

  • SHA1

    126746c3b8c9f886be4442c4c9f4cc18e4f49f69

  • SHA256

    5ef94cfa35784c0a564286918261c89db6f443a1b9cb87c5e4cac7cab585cb19

  • SHA512

    c1ce82f779e3c05f47dbabcd887742b82f9e8714d2e2871396da1ae9a5a9316cca6d4e5aa9eb02c0dc93add6e1fdd9baae4dca63e824df54f86514903ff325de

  • SSDEEP

    98304:HKJ4KXTSOs0RWxlCgOMgVVd7jRSnd349CYyyKUi4VUxmPvphQE32yJe2S:smZ0RTgOMsVdvRed4CYHVUUpBmyJS

Score
10/10
linux

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://dot.net/v1/dotnet-install.ps1

Targets

    • Target

      protobuf-26.1/.github/workflows/janitor.yml

    • Size

      2KB

    • MD5

      e8a4cb5d7bf0032f5a1b18fcd34913c1

    • SHA1

      1f344313bcaa53ce3770169ecd772217590c968a

    • SHA256

      f8a007bacdae9940a8abebf9e9bad8405b89e8fc1d0e9556d4732e99b38f648e

    • SHA512

      5687e241cd31deaf940a1d23849ad2969d92842cbc57ae8b86863f324303fea52badcd6fca426f0fd13463a29e4f99dbe80da77af13f8977199c63e9423cb06f

    Score
    1/10
    behavioral1behavioral2

    • Target

      protobuf-26.1/CMakeLists.txt

    • Size

      13KB

    • MD5

      494d98e3f1a71ae23dabca83084dfd7b

    • SHA1

      88ca04bb44060f25da6d6b510d70695c51c00905

    • SHA256

      3b4eca453a5b18d29072dfcdb52112d0c9b3efb27ab5578c45d92fc70b5d458d

    • SHA512

      46bb53eed79560be774db1d176a4e9ffaad474b6b66cc724c605a4216edd612e2849135e940346fe0798c1dcb7b62e7afdc66001bb026110bc0644df63d7b308

    • SSDEEP

      384:SepWAxqgjswwDJickxe2SDftXtB671TlTHxzYbIS:LpWYb7Skxe2SD19B65TlTRzsIS

    Score
    1/10
    behavioral3behavioral4

    • Target

      protobuf-26.1/appveyor.bat

    • Size

      1KB

    • MD5

      9f05ec1afb3f85a95fe04b8e0d37787e

    • SHA1

      bc615533cc4e9a65e43dd0249880554abfc14d15

    • SHA256

      1c0d98c7ac5b6d79068724be598140fa3a5a23c11b8c56da870e5c3f1a5ebc3e

    • SHA512

      e77b38f328e30ac70e47bc149d8ba7bee8e748e389c59b2e19fb2ea8f7a7a4efbc47d0fd0cea3f5f345e3d4258276af1e737205a863308a71f636da9d88b2544

    Score
    1/10
    behavioral5behavioral6

    • Target

      protobuf-26.1/bazel/amalgamate.py

    • Size

      4KB

    • MD5

      9bf99f6a0f9b2991ee27b4c452929dfc

    • SHA1

      adb557ce68290bef697978cd1d505efd58d7ba3f

    • SHA256

      dabbaf9a2155e78e6284f24d6c53d46311f7ff2b2a7ba6ec6a2e3f2608428883

    • SHA512

      d3f7dcfe836c01d823a9bbc8a8ef4e43cd83040f1a2c5af26a488949fe95ccdc3c93a94007854d467157b7b2a3fd283d862f0a0598cc5b6f8015c853658d8a73

    • SSDEEP

      96:2G1rYJfirYJ8nDE3oq3aBMTUseB4XqzNX5kDI50cTjqB/YfkzDr/6eANhXWQf1:Z1rsfirsGDE3L3qmUTB46zDkDe02jqBu

    Score
    1/10
    behavioral10behavioral7behavioral8behavioral9

    • Target

      protobuf-26.1/benchmarks/benchmark.cc

    • Size

      14KB

    • MD5

      871427bb27478af27d1542d2f1f41f80

    • SHA1

      9f11c7ef3203106d5a61b23995d4603381b2f216

    • SHA256

      82f8ab0226f5972ffab5645432e278d9332c1e431c7b33159433d596666abe7d

    • SHA512

      4b90ef13cfcef1769254f3eaeea901e6d26813f5cc1dbbb09c17180d890577ce897eddefc76eb0202414dc370e9aa55ed469ce582de8786aee4c6ae99ca787a5

    • SSDEEP

      384:vh6VbaucF2F9UTFY0TF25vtOnFnhFyNCM3OnqntSlQUnS2SrXqSS4yjcpzgzcS0i:cVeuHUS0s5vtcFyF3HA8bGf2hM

    Score
    1/10
    behavioral11behavioral12

    • Target

      protobuf-26.1/benchmarks/compare.py

    • Size

      4KB

    • MD5

      c75761aaf1a791ebda1cd8119715a682

    • SHA1

      0f0fcffbf0c6e43085f24c768b31d29c5c4c6ea6

    • SHA256

      fcf6edb3d53c576e58d2aef0e62148b9789c2669d7920cb033f57675b10987c8

    • SHA512

      692a8aac762322e4d4af7989b86979805d85755d07b7c77eb6b628259d828f9a024acd0e627bce7b102995cf99899665129edfeb34069e56bc0a4c6aa0ff521f

    • SSDEEP

      96:TG1rYJfirYJ8nDE3oq3aBMTl5+lcR2SY0+OM+yuL6+fTWG811k8DTOpMXojRjLL+:y1rsfirsGDE3L3qmlcCR2SD/yYPfTWG8

    Score
    3/10
    behavioral13behavioral14behavioral15behavioral16

    • Target

      protobuf-26.1/benchmarks/gen_protobuf_binary_cc.py

    • Size

      2KB

    • MD5

      6861e6e468f3588512733a6546d024b7

    • SHA1

      377bd2107af906fd641a6bd87208a610f71a42f3

    • SHA256

      7216e5fdaabd679c91c38554231a8d03e1130f54be9aa768fcb89a8c1aab9304

    • SHA512

      ffecff308959a32efb9341e52258aa801fd091facd44c9efa5c7a91efe9d2d56ef5350b3b39af614fb26e176847ab9de8a09bea26d1b74b09858d55587d5826e

    Score
    1/10
    behavioral17behavioral18behavioral19behavioral20

    • Target

      protobuf-26.1/benchmarks/gen_synthetic_protos.py

    • Size

      4KB

    • MD5

      9411bbb973ad204a94ac3aabaabfb3b2

    • SHA1

      95b76d6cfccc81a726284248aad15c22c0d005eb

    • SHA256

      daab0143aa2ceca8fdcadacef7d8438045d1e3c4438622aea6339ddf72fee79e

    • SHA512

      30721f49575b7bb2f2c7437696ea5107d526baecdcdbeaf2a26b84948c7e817ca897988c364cbcab337efc05d5c3b80626c4d13ba34ecbcceac8e79a89d3e860

    • SSDEEP

      96:TG1rYJfirYJ8nDE3oq3aBMTUMeZ2Q24BCTu0uZjiCo9sxsrW2nQWIt8tf9PF2TAo:y1rsfirsGDE3L3qmUMYITWjiCo9sxsSR

    Score
    1/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      protobuf-26.1/benchmarks/gen_upb_binary_c.py

    • Size

      2KB

    • MD5

      ede35aa982eacfd90bc52aa07d046464

    • SHA1

      9178faec8fb67d964819328f3af7253be6e06a2b

    • SHA256

      e69f1256dffcb123fb96d4517e35f924da7ef9bafc25c41d59a9e265312dfc8a

    • SHA512

      c1a7415e6e6a63b1254774ca1dbacd847810cba1a52969309cf0981da7aedcb475c94c52dd11e9280a95c55c064bfddeef40550546ae29529ec394a7f8f381d5

    Score
    1/10
    behavioral25behavioral26behavioral27behavioral28

    • Target

      protobuf-26.1/ci/clang_wrapper

    • Size

      100B

    • MD5

      7baf52121fc259bfef9e84bcae86fa18

    • SHA1

      4d26a10e355aeda039409d6bd8fd69482b6d77f6

    • SHA256

      27202c68e71f39bee5447757d3845b673903b0d4858dee872506fa63c8f230ef

    • SHA512

      d46353c15eca14e0b068fd6df8526f7ddaa082571cddf86de92a22559baec4ccfa43ea95ae6b50acf7f06e9198ff9b64bec27cc7fc25309da75cf4e066d62329

    Score
    1/10
    behavioral29behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks