General

  • Target

    netmarble_sololv_A_installer_80946.exe

  • Size

    241KB

  • Sample

    240508-wwxhlagf9y

  • MD5

    98c2e745ade2d1c1960cb2ae96d0246d

  • SHA1

    ccd4e48f86ae18ab8bd4b7d8283b83c93874c32f

  • SHA256

    b6bd2afa22c41c1cad9e6cd0c8afff369f471be8a9ce3c0756f2938a79fe8ef7

  • SHA512

    43dc99620cf191cd2e6eb947db5330885cdc5481765259ada4509aedea8f041f1289df31215fe7774f1d576f389a73f42238004ac3a78ef47929921ca3ca98d4

  • SSDEEP

    3072:abG7N2kDTHUpouAw9aXCvLIaSQmjWAKpQfRE9PdWlr2tvhOEA1RJCir86SrSrvgQ:abE/HU4aaXCTp8Iei9Fe2t0EyL+G

Score
7/10

Targets

    • Target

      netmarble_sololv_A_installer_80946.exe

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      25KB

    • MD5

      40d7eca32b2f4d29db98715dd45bfac5

    • SHA1

      124df3f617f562e46095776454e1c0c7bb791cc7

    • SHA256

      85e03805f90f72257dd41bfdaa186237218bbb0ec410ad3b6576a88ea11dccb9

    • SHA512

      5fd4f516ce23fb7e705e150d5c1c93fc7133694ba495fb73101674a528883a013a34ab258083aa7ce6072973b067a605158316a4c9159c1b4d765761f91c513d

    • SSDEEP

      384:pjj9e9dE95XD+iTx58Y5oMM3O9MEoLr1VcQZ/ZwcSyekMRlZ4L4:dAvE90GuY2tO93oLrJRM7Z4E

    Score
    3/10

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
