Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

173绿软基地.url

windows7-x64

1

173绿软基地.url

windows10-2004-x64

1

HostMonitor.exe

windows7-x64

7

HostMonitor.exe

windows10-2004-x64

7

HostMonito...��.exe

windows7-x64

7

HostMonito...��.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    938517ae68bf4dbdb3f989777a6920bd_JaffaCakes118

  • Size

    15.5MB

  • Sample

    240604-d736eace65

  • MD5

    938517ae68bf4dbdb3f989777a6920bd

  • SHA1

    9c0fb3bbb8daefddbb5245559f1a3126ecb2edc8

  • SHA256

    ef967e92be5148ec9628ae428460931f172665a85b6ed16a806b470be61f2775

  • SHA512

    8308d05e1baec69136c498e948f97584eeced6e3380b784e688bb672e4b519d261e3894312033be1c20384100aca2e1ef2df9affef54766e0acfd66273432ddb

  • SSDEEP

    393216:YNOha7eZ3hEDPHGil+oweWSsCoepdQgU0DZ7OveYwp:Y4hMkWTmiw8WSsCfQbcBOzwp

Score
7/10
upx

Malware Config

Targets

    • Target

      173绿软基地.url

    • Size

      402B

    • MD5

      ae411f6833c75cc0d0579c93b9129959

    • SHA1

      036966a128861e6874067eccb3cac4e1064b022c

    • SHA256

      082852d51894343c1d198f16f67a6ca59e9feca4b7181861746f5703885ffbb0

    • SHA512

      a88e36929c3553b9890f036030ee2a7b0f40e2a0b18d4c41831de936f6d17f09083271c96418ae5ff0b1218070ac5b6d852b252580dd5c4b42e480ae5c4cc4b1

    Score
    1/10
    behavioral1behavioral2

    • Target

      HostMonitor.exe

    • Size

      15.8MB

    • MD5

      e3e3d7e5feacf6cc05f272f924c945dd

    • SHA1

      d549e1e7fb0f0d81eb2cc02661bb44f7ea7784d3

    • SHA256

      ca9bc3585c5686b9a0dda703bb9c4072b7d2c86a00ac09efa35f8d634d608548

    • SHA512

      0578c71e09601c70bfb4495fd81b23976352b56db0e170675bb3d32a340b8f08641431261635cad3e5ab2daad5d82d426a1b69d7541e4632f1b87dcc5fe1e5fd

    • SSDEEP

      393216:U+Mdn+tCw00suCsfN+Mw0na/FHn1TqmlIdb7u7S4XkMkAH:U+m+tCPuBc0naNHnwm2Pu7zXH

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral3behavioral4

    • Target

      HostMonitor注册机.exe

    • Size

      181KB

    • MD5

      2ee7ea6664505166cba77cf6ec4e0b13

    • SHA1

      adf76f53db3890a5fd95ff627697a6cb785a022f

    • SHA256

      c00f487a06243901fce7769d1fc5999576d87da31ffd43c50cf68d515e0ad584

    • SHA512

      9c0153bc36b72e86ea5e3f64c00ec9defaac88f15abbac7c98c4dcca9901d23e8399a78f0f635037fff71f6c8c79ca4a6460c3f316f5ac09026be40403df0e06

    • SSDEEP

      3072:ZY34UoEBMS04PD4SC0bCg3jFn2dAsWHjUdH7V4tofQVAKGuSVKzKISs1:SoUoEBMT4PESCvgpnYAsWwdrHKGuSVKw

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks