Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

Skrinshote...30.exe

windows7-x64

7

Skrinshote...30.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ig.dll

windows7-x64

3

$PLUGINSDI...ig.dll

windows10-2004-x64

3

$PLUGINSDI...RF.exe

windows7-x64

1

$PLUGINSDI...RF.exe

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

1

$PLUGINSDI...er.exe

windows10-2004-x64

1

$PLUGINSDI...ze.dll

windows7-x64

7

$PLUGINSDI...ze.dll

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ry.dll

windows7-x64

3

$PLUGINSDI...ry.dll

windows10-2004-x64

3

LauncherSRF.exe

windows7-x64

1

LauncherSRF.exe

windows10-2004-x64

1

SimpleExt.dll

windows7-x64

7

SimpleExt.dll

windows10-2004-x64

7

SimpleExt64.dll

windows7-x64

7

SimpleExt64.dll

windows10-2004-x64

7

Skrinshoter.exe

windows7-x64

6

Skrinshoter.exe

windows10-2004-x64

6

curl.exe

windows7-x64

1

curl.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SkrinshoterSetup_v3.11.4.30.exe

  • Size

    3.4MB

  • Sample

    240515-jzc7xagc91

  • MD5

    061ba6da7357850ca194496766009f59

  • SHA1

    b31cdf2c231212c3c76c1e2616c1d04f44d89118

  • SHA256

    60c4175e18abf22d705d855abb6f16e08b80b9fb829a08589b9e4ba750c47349

  • SHA512

    8607833b8c8653545fdca0cd9011fff642622e98afb6e91503aa8a7534ff222b6821088d4e553babdb50b132d1aa42517033e584251816a574bd575ee18bccaa

  • SSDEEP

    98304:njGHuYqJ/x+OJQgQyiN5dvdlqNLOFCuAC4R/z5xQgJ:nKHuYMfYyiRvgL1uZa/z5rJ

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      SkrinshoterSetup_v3.11.4.30.exe

    • Size

      3.4MB

    • MD5

      061ba6da7357850ca194496766009f59

    • SHA1

      b31cdf2c231212c3c76c1e2616c1d04f44d89118

    • SHA256

      60c4175e18abf22d705d855abb6f16e08b80b9fb829a08589b9e4ba750c47349

    • SHA512

      8607833b8c8653545fdca0cd9011fff642622e98afb6e91503aa8a7534ff222b6821088d4e553babdb50b132d1aa42517033e584251816a574bd575ee18bccaa

    • SSDEEP

      98304:njGHuYqJ/x+OJQgQyiN5dvdlqNLOFCuAC4R/z5xQgJ:nKHuYMfYyiRvgL1uZa/z5rJ

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      27KB

    • MD5

      6f73b00aef6c49eac62128ef3eca677e

    • SHA1

      1b6aff67d570e5ee61af2376247590eb49b728a1

    • SHA256

      6eb09ce25c7fc62e44dc2f71761c6d60dd4b2d0c7d15e9651980525103aac0a9

    • SHA512

      678fc4bf7d345eeb99a3420ec7d0071eaba302845e93b48527d9a2a9c406709cc44ec74d6a889e25a8351a463803f8713a833df3a1707a5ad50db05240a32938

    • SSDEEP

      384:DZoRF0XXUuJReQg0Tw67ADWBTgmldIogUD3GLgFmyaX/fVYcWJQCDmrinogRdBl:DZaF0HtTwuz9yu3KgwRX1nWJ1q+noI

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      89351a0a6a89519c86c5531e20dab9ea

    • SHA1

      9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00

    • SHA256

      f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277

    • SHA512

      13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08

    • SSDEEP

      384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/IpConfig.dll

    • Size

      118KB

    • MD5

      a75e3775daac9958610ce1308e0bca3b

    • SHA1

      d83ce354cde527c2e20fb425415f6d4795dd4cd4

    • SHA256

      fe2093ff4bfa1d7259c922aca1e7bb219c4d234e469942446d9e2f8086b7d720

    • SHA512

      48168a91ec90df262b1e158f32b4bc2a6d6ce10022eb96d4a6f3c755b977e5c104558626adaa214bda29d7f1d246f19e2df59b9a338982aa1c623e1bdd5714c6

    • SSDEEP

      3072:oa/4Ftm9rSlia00FW96LOsWNQmtQ9WVx95+tTIJ:t/4S9raiae8DSDtQ9W3utEJ

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/LauncherSRF.exe

    • Size

      142KB

    • MD5

      439682e20cd3b52b73127888772892e9

    • SHA1

      11a2f12ea9bb3319a7070bbbe9c73bef5e0f1846

    • SHA256

      1db6f336eac2947e467243ac4f7b87cd5de253939351e6476653a10365a69848

    • SHA512

      5e8ac59db831fafd00cbb2650bb4222f9c222569927258bacc288b47797d16bf9a220edb18e6ff15470e175928993488a2ada07ee3c14939f12b94be43b7e1ab

    • SSDEEP

      3072:dLZiuLO7/1OXdSXPVIY5NailV+bzdp5fa4sis:hZinyY59abzdrfaLis

    Score
    1/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      adb29e6b186daa765dc750128649b63d

    • SHA1

      160cbdc4cb0ac2c142d361df138c537aa7e708c9

    • SHA256

      2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    • SHA512

      b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    • SSDEEP

      192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/downloader.exe

    • Size

      177KB

    • MD5

      70fe52d099713fd74b6ac07cc5c9703b

    • SHA1

      b4f1692fbd5038f27f1e7c37db23047b0fb5b03f

    • SHA256

      304318534e2d5d671d90185cff006716ffe488b3607f11d73caea2b58aa759d9

    • SHA512

      1fe7811b3917c73dd6bb479b3ef93c4d018198d92e6ded916002c938b72a9f95e1a9f8375d27c4d7d706075827b55b9c618b15522bc63ecd1bf17daa6dfdab45

    • SSDEEP

      3072:q79ht0sZHwSYteJF/xnVVq+OYkdG3u89rMQLNyBknk:q7qsKQ0jnAt4Bknk

    Score
    1/10
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/nsResize.dll

    • Size

      4KB

    • MD5

      a8655e0ca9e079edc631838273afc087

    • SHA1

      20c4468e90f961c499870cfa6a179c82f6d72675

    • SHA256

      eeb2705599c3075e652762e74c88d3cb482e01ad8cae65f02022f91aebf13cb5

    • SHA512

      383201fc7f0d15f0d02ae638e411becac61eb5f475020220035ba6df560aee23cbb90082e6827aeaba434e150c08df87914e3cea308ed197f86d560eacc369e1

    • SSDEEP

      96:Ue6mLjDsOqfMJggfp2BnorPJ7G17JAgX45:YXOqfMJPfp2Bnci1NAI

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/nsRestartExplorer.dll

    • Size

      72KB

    • MD5

      56331af76ad6b4bbc2be2904c0bd3d43

    • SHA1

      fdfe052c5260d0be9a00d089d4482b2b3672cdc4

    • SHA256

      406dfe5b074bf8966ccaa6702e059e557aab4c1e6869db443d92d36701b65fd5

    • SHA512

      f87652d87e3ba754d97a6579f545190c0efcb28fc89d65600a4b1c5ef14580b20d59f058c0b407cf38ee230f44f61c40ac7ef06fbd0a7284ce94c6e0121ee8ce

    • SSDEEP

      768:LxQMGsApA1qcgVWHjurbI5zr99IV+e6GbG/3UspOb/eQt6eZHtQGCkO:WFsApAttcyz40D3UuObXZVtXCk

    Score
    1/10
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/registry.dll

    • Size

      24KB

    • MD5

      2b7007ed0262ca02ef69d8990815cbeb

    • SHA1

      2eabe4f755213666dbbbde024a5235ddde02b47f

    • SHA256

      0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d

    • SHA512

      aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca

    • SSDEEP

      384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA

    Score
    3/10
    behavioral21behavioral22

    • Target

      LauncherSRF.exe

    • Size

      142KB

    • MD5

      439682e20cd3b52b73127888772892e9

    • SHA1

      11a2f12ea9bb3319a7070bbbe9c73bef5e0f1846

    • SHA256

      1db6f336eac2947e467243ac4f7b87cd5de253939351e6476653a10365a69848

    • SHA512

      5e8ac59db831fafd00cbb2650bb4222f9c222569927258bacc288b47797d16bf9a220edb18e6ff15470e175928993488a2ada07ee3c14939f12b94be43b7e1ab

    • SSDEEP

      3072:dLZiuLO7/1OXdSXPVIY5NailV+bzdp5fa4sis:hZinyY59abzdrfaLis

    Score
    1/10
    behavioral23behavioral24

    • Target

      SimpleExt.dll

    • Size

      149KB

    • MD5

      59a05759b6be35e32573c73639e22747

    • SHA1

      7a7da0302201d2f35977cf512e33d8c9c976c8c2

    • SHA256

      f56246622a294120404f1d99a16cb9c734e8115929100289ddf14348c054385d

    • SHA512

      1ccc6ab402a08cca5006f222670e0bd2a999ccd06236838f762eb17221a4dc6f6425375dce95f1580de6add03097c7838dcb0c656847d176c4767749ed2b8c22

    • SSDEEP

      1536:dp/CH817QNmEu+ZsS9cpczhk76LOLJX3sVAG:T/fpa39Fw6SLJX3sVAG

    Score
    7/10
    persistence
    behavioral25behavioral26

    • Target

      SimpleExt64.dll

    • Size

      145KB

    • MD5

      23039590096e1b01f6e61b1fcd6b349b

    • SHA1

      3a485d350ae596110faf29d9397892c8178a29f0

    • SHA256

      3bef6a801b18439ef439914b3ad918940ce10baf6f701bf6027d13d8e4238c74

    • SHA512

      871f4f29a3e8983299da7548b5b5440de64ae458739301ffcf4b7249f7a9440a0c7c8e686e0a22855910819c97075de63be4aca1faf763538eb261bfe25f7ea7

    • SSDEEP

      1536:xFx1/vpPtb4CPacJ9XTDFlFx1Oz1UesQT4jmwUsVA:rD/vpPt/C2TDHtU1U5QT4jmwUsVA

    Score
    7/10
    persistence
    behavioral27behavioral28

    • Target

      Skrinshoter.exe

    • Size

      4.3MB

    • MD5

      f5056d53e93aae3be0d07e50d65c2558

    • SHA1

      4d2932203e2babe54b677032905fee1f527db72c

    • SHA256

      04afcfa5c05b5b21b2a5d014035ae12e5b7af4e20fb0f2e8742a9e1b4b3f9837

    • SHA512

      012db5c36418144287f49fdf8a075d3ed76f5b2509a758e41c2ad1ca3de152b646c24e1093d389eee27518aa47073515e864d3451b830cdea82ffdaec9821550

    • SSDEEP

      98304:2RYAnN1JmOzbH5z/UqqfbYlWK0/coNaVq09lHJlmd1utG0Q8vz:2C0N1BzN/3WK0xitJlmd9Uz

    Score
    6/10
    persistence
    behavioral29behavioral30

    • Target

      curl.exe

    • Size

      2.6MB

    • MD5

      43397adb2220bb087abec35756b66112

    • SHA1

      0d2b630bfce815eda40aded3d0731852ba546ca0

    • SHA256

      d8f024a052668001f5f1be9e4c45424d07d4bcf812d1114b3f00010fece76ebb

    • SHA512

      fb18ebe7a6a890d165cbf7cd2c9c689abfe87262f6e6f25b92a8f082c287e89c669dec08291241f69611672dcc767882b5cb938fc408c6ed2bd0e464160e9b23

    • SSDEEP

      49152:fr/mPE7JwO6HYhj6gguNSioEWqCzjyuq/gfgwFbhop467Yf4fZZm7/i2ITtZSMD:fTmc7Jw6hj6gguNSioEWqCzjyuqLw5hq

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

upx
Score
7/10

behavioral2

upx
Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

upx
Score
7/10

behavioral18

upx
Score
7/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

persistence
Score
7/10

behavioral26

persistence
Score
7/10

behavioral27

persistence
Score
7/10

behavioral28

persistence
Score
7/10

behavioral29

persistence
Score
6/10

behavioral30

persistence
Score
6/10

behavioral31

Score
1/10

behavioral32

Score
1/10