Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

consistluvbug.zip

windows7-x64

1

consistluvbug.zip

windows10-2004-x64

1

incognito/...st.txt

windows7-x64

1

incognito/...st.txt

windows10-2004-x64

1

incognito/...s.json

windows7-x64

3

incognito/...s.json

windows10-2004-x64

3

incognito/...au.dll

windows7-x64

1

incognito/...au.dll

windows10-2004-x64

1

incognito/...e.json

windows7-x64

3

incognito/...e.json

windows10-2004-x64

3

incognito/...st.lua

windows7-x64

3

incognito/...st.lua

windows10-2004-x64

3

incognito/...it.exe

windows7-x64

7

incognito/...it.exe

windows10-2004-x64

7

incognito/...le.txt

windows7-x64

1

incognito/...le.txt

windows10-2004-x64

1

incognito/...et.txt

windows7-x64

1

incognito/...et.txt

windows10-2004-x64

1

incognito/...le.txt

windows7-x64

1

incognito/...le.txt

windows10-2004-x64

1

incognito/..._1.txt

windows7-x64

1

incognito/..._1.txt

windows10-2004-x64

1

incognito/..._2.txt

windows7-x64

1

incognito/..._2.txt

windows10-2004-x64

1

incognito/...le.txt

windows7-x64

1

incognito/...le.txt

windows10-2004-x64

1

incognito/...le.txt

windows7-x64

1

incognito/...le.txt

windows10-2004-x64

1

incognito/...tefile

windows7-x64

1

incognito/...tefile

windows10-2004-x64

1

incognito/...le.txt

windows7-x64

1

incognito/...le.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    consistluvbug.zip.infected

  • Size

    18.8MB

  • Sample

    240601-m45phaaf3z

  • MD5

    f24aee225a6cea3616dd54cb23f52338

  • SHA1

    756e3e192ea0d8849fd293a22f5c4f8cfbb12ffd

  • SHA256

    4fd5453390d3915c066b008dfa65ffb47d3922c124b4d5c098324f95f8a934fa

  • SHA512

    a80dd7d1eb112b71103ae5119a5df98e70456b1804e48109d9f56a466a58b5ed3210b3d13851ebcf0843ec63f57989eaa9e97e7aebfcac5e6f739b0382cd4208

  • SSDEEP

    393216:1MuJKZPnvYX/wAeuG2Vi8rVqwqo6VUmFkIUMBbl9xu9aOQ:1sZAwAeuG1AqwzimIzBZ9

Score
7/10

Malware Config

Targets

    • Target

      consistluvbug.zip.infected

    • Size

      18.8MB

    • MD5

      f24aee225a6cea3616dd54cb23f52338

    • SHA1

      756e3e192ea0d8849fd293a22f5c4f8cfbb12ffd

    • SHA256

      4fd5453390d3915c066b008dfa65ffb47d3922c124b4d5c098324f95f8a934fa

    • SHA512

      a80dd7d1eb112b71103ae5119a5df98e70456b1804e48109d9f56a466a58b5ed3210b3d13851ebcf0843ec63f57989eaa9e97e7aebfcac5e6f739b0382cd4208

    • SSDEEP

      393216:1MuJKZPnvYX/wAeuG2Vi8rVqwqo6VUmFkIUMBbl9xu9aOQ:1sZAwAeuG1AqwzimIzBZ9

    Score
    1/10
    behavioral1behavioral2

    • Target

      incognito/autoexecute/test.txt

    • Size

      69B

    • MD5

      8117b088670ace343038cc9e404d5448

    • SHA1

      b293a8ea46badf3268312b03ffdcbd87936070d2

    • SHA256

      f7a90e5208841b920b622e0c94eb32653daa297c07d3f8e4abd532201dd5165f

    • SHA512

      574acf89b137f2ea2259ec704e76ac04fab40a4166f1b5957fc5701bffbefb25ea8d5e1efadc5a2c7249acd6bde419c759589b37f073b162b25bed29ee677d26

    Score
    1/10
    behavioral3behavioral4

    • Target

      incognito/bin/api-docs.json

    • Size

      5.9MB

    • MD5

      19c541f355cad5fb427a38317479b698

    • SHA1

      aebc5b3b123ab962606b6072806027d9b6c758e9

    • SHA256

      6c003208304e585290c9a655c51e5789c4f3e4241a9abc0139a9dbeb5d2884b1

    • SHA512

      78e3cbe554cdf02457a3892033ebd9f74c5b4446e306248594d682918ea5dc6e52cafe72b3bdf59fda1f9f5b3879576ca1ef2d35cebc66f1d55543b618bcf7e5

    • SSDEEP

      24576:7ccjk1+ox2ptidmo2KtMTdxsuBqXhGz+rM:hiVuBqXhGz+rM

    Score
    3/10
    behavioral5behavioral6

    • Target

      incognito/bin/incognito-luau.dll

    • Size

      1.3MB

    • MD5

      157fd035b2a344a94166d7db3756df0e

    • SHA1

      f221d28c1deb80b4e8d9201226435aefce6b0f75

    • SHA256

      8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009

    • SHA512

      fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d

    • SSDEEP

      24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk

    Score
    1/10
    behavioral7behavioral8

    • Target

      incognito/bin/save.json

    • Size

      46B

    • MD5

      877b13372acbf8bf740694d141d1aeb0

    • SHA1

      0c764bef8a7c94ef610c129720d3d3d9a66fea3f

    • SHA256

      1bc3e6bcf3d47756fe6e456ce68165d39ea8358186d1a9bb4b2e5911389b22c1

    • SHA512

      38a6a7e7bf9572daeabbafb7bb1868d09f9b487e84e17da263f627315623952ab203c8dc5e940b6d59d15183bdd43d153a08ae421f12d085480e73fcbc3b5b82

    Score
    3/10
    behavioral10behavioral9

    • Target

      incognito/scripts/test.lua

    • Size

      15B

    • MD5

      45952b4f4540d4ea32b1a56b40dfcb54

    • SHA1

      c43f61758aede460274cbe0a7a52ed3a8e06201a

    • SHA256

      819627eee839b974a3a9905ea4f98b1fce63b9ef68a9a1030b39c52ec2046999

    • SHA512

      5fae4efa4037c96b3012e825e1041ecb419b8b6ce6eeb2f4667228874ddb7be48137d9118dc676e6d1f430e71f68809837e4caea8fd65f6100624e63abb81e8a

    Score
    3/10
    behavioral11behavioral12

    • Target

      incognito/thegreatestexploit.exe

    • Size

      17.9MB

    • MD5

      985a7c5f0ee35a1984ed8b0c18847643

    • SHA1

      2bf0487f62ef4a521d3d51b01a4b8b2625de2a91

    • SHA256

      15aa7b28eb003b5bfea6679de772a34e59372f2155a87ba8f05ce8c4118e2e3e

    • SHA512

      9230cf00c8145e199586e478e7db307e75d729b98af24ec1b73e4893348380bd81affe436bee7aea8dc2e1b22d0b7e49af98428756a5832df22f5411e6e7a7d8

    • SSDEEP

      393216:qtabzFXC2ZKqm6GhXcrRwBsoM8km9XWkdQctnGHS4sak:5blKqm6GmSBs12Gkd/tG

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral13behavioral14

    • Target

      incognito/workspace/.tests/appendfile.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral15behavioral16

    • Target

      incognito/workspace/.tests/getcustomasset.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral17behavioral18

    • Target

      incognito/workspace/.tests/isfile.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral19behavioral20

    • Target

      incognito/workspace/.tests/listfiles/test_1.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral21behavioral22

    • Target

      incognito/workspace/.tests/listfiles/test_2.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral23behavioral24

    • Target

      incognito/workspace/.tests/loadfile.txt

    • Size

      1B

    • MD5

      8fa14cdd754f91cc6554c9e71929cce7

    • SHA1

      4a0a19218e082a343a1b17e5333409af9d98f0f5

    • SHA256

      252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111

    • SHA512

      711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b

    Score
    1/10
    behavioral25behavioral26

    • Target

      incognito/workspace/.tests/readfile.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral27behavioral28

    • Target

      incognito/workspace/.tests/writefile

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral29behavioral30

    • Target

      incognito/workspace/.tests/writefile.txt

    • Size

      7B

    • MD5

      260ca9dd8a4577fc00b7bd5810298076

    • SHA1

      53a5687cb26dc41f2ab4033e97e13adefd3740d6

    • SHA256

      aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

    • SHA512

      51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks