Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

Builder.bat

windows7-x64

1

Builder.bat

windows10-2004-x64

1

Components...OBF.py

windows7-x64

3

Components...OBF.py

windows10-2004-x64

3

Components/loader.py

windows7-x64

3

Components/loader.py

windows10-2004-x64

3

Components...ess.py

windows7-x64

3

Components...ess.py

windows10-2004-x64

3

Components/process.py

windows7-x64

3

Components/process.py

windows10-2004-x64

3

Components/rar.exe

windows7-x64

3

Components/rar.exe

windows10-2004-x64

3

Components/run.bat

windows7-x64

1

Components/run.bat

windows10-2004-x64

1

Components...ief.py

windows7-x64

3

Components...ief.py

windows10-2004-x64

3

Components/stub.py

windows7-x64

3

Components/stub.py

windows10-2004-x64

3

Components/upx.exe

windows7-x64

7

Components/upx.exe

windows10-2004-x64

7

Extras/unb...tes.py

windows7-x64

3

Extras/unb...tes.py

windows10-2004-x64

3

env/Script...xa.dll

windows7-x64

1

env/Script...xa.dll

windows10-2004-x64

1

env/Script...lt.exe

windows7-x64

1

env/Script...lt.exe

windows10-2004-x64

1

env/Script...64.exe

windows7-x64

1

env/Script...64.exe

windows10-2004-x64

1

env/Script...En.exe

windows7-x64

1

env/Script...En.exe

windows10-2004-x64

1

env/Script...64.exe

windows7-x64

1

env/Script...64.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Prometheus.zip

  • Size

    37.1MB

  • Sample

    240607-baxk9afg65

  • MD5

    793826714277e64be19673b740974aba

  • SHA1

    abfde6442a81441b6b73a787251469394c15d1a0

  • SHA256

    32abdd2910a308d9db26293a2be62184462ed68595d369b1002a72a614bfea72

  • SHA512

    4f1f493123e9f44624299ce20ef6ad50a1279c818090c89c15a24afdbd7cf008bd5076321f92b25b7b4791a76f8299fbd764f4080894df0f10ded58b767658f1

  • SSDEEP

    786432:UFtE6W5tkO4DWeBCLju4clMsk+CLi9LcALuK54P:xcdBCLju4cm/RLiJR954P

Score
8/10
pyinstallerupx

Malware Config

Targets

    • Target

      Builder.bat

    • Size

      1KB

    • MD5

      69f3538d09da509b93329b22fd59a956

    • SHA1

      d74ccc96102895e111712beedabcdc725fb23360

    • SHA256

      79e1377ac17e6aece067d4cf6a202d8baf43a9906cea353de7188c43b20500c8

    • SHA512

      a5e2fdeb2d185acda43e6a0d964966fc5246d2fe598d094e0b59bd757c42170d3e4125cf7da736080a95141b453d12a53af295eb53bd64e431285e8213da9b07

    Score
    1/10
    behavioral1behavioral2

    • Target

      Components/BlankOBF.py

    • Size

      5KB

    • MD5

      7a8c07085db6d780537154ba26a42a5e

    • SHA1

      0bb6856624884bf154be7cc8df52d3214dea7d9f

    • SHA256

      ca8445cd8593ff89d2a406e43fa114f612fe10835d80cb43b4341c390f8b5eb0

    • SHA512

      16d91226b929128c447ee04c00e9eede44e6a5daf9691a9d45ff645da053748594734268ae45a4521f0329bf8116ed16c149a9edfaf74d923e64ffec5271c706

    • SSDEEP

      96:Gr54cd62hK9FFZ48PuCQYBX5oQL6oUMOQcL:GP6Us4B8JoQLBsQcL

    Score
    3/10
    behavioral3behavioral4

    • Target

      Components/loader.py

    • Size

      634B

    • MD5

      ca35548638710a32f6d4bc1a61a103c5

    • SHA1

      2703967c4376cc2e0ca20191eff97b85989d8310

    • SHA256

      e7dbfe873c719006f28e6526ef54215d7b7598bce5566734c552dab9f1f487e6

    • SHA512

      d1c0839326662b240dfa4bcea7284d261be46e9bb8b03f073e0328e361321f9cdfa740abd4541b2cdc21c806bcd901d3bc3cc36b9f7e0ee6191d189df0533061

    Score
    3/10
    behavioral5behavioral6

    • Target

      Components/postprocess.py

    • Size

      2KB

    • MD5

      49075e2d9fc465efc637dec05d1dc8ab

    • SHA1

      715e7a50e1abc50df13cdb0626a027ce1fd520b5

    • SHA256

      89074ee03413bc77d02c438831b318a98804823fadb6f972028f7951548a201b

    • SHA512

      39c79ca0de2046ccb2d6cea4db2e7ebb84dfbc332964cfd6337e421ef4f70a2c0ae99d2154edf78caa2b8f2bb702702b71fbbc72fad2813fb745d96d3d7e05f9

    Score
    3/10
    behavioral7behavioral8

    • Target

      Components/process.py

    • Size

      8KB

    • MD5

      bd188d54f63b150b4ed6fad9adb37666

    • SHA1

      f9c8d9abb5d32cbe1b7af8c2cf972dc311010919

    • SHA256

      d4ee3542fbc2453c07b8fa9b2a36d49c46cf892dc1163ee345c6a8ef55921f0c

    • SHA512

      991c7488806f9c5eeb342eedd769c8ad6a13b6a3cff36c76ebea3d721b75925f95add0b3dd36c596b50c8026c89ef3bdd4f268aceb859e19fc461c39d84b1119

    • SSDEEP

      192:Etw1auOoI8I+IQI2Iz2Iym+IyIQICI0IiIgIcI6ISI+ISIKG2I0U0F+05dkIMN0E:m4iE9pV3522EQTq1o4mG

    Score
    3/10
    behavioral10behavioral9

    • Target

      Components/rar.exe

    • Size

      615KB

    • MD5

      9c223575ae5b9544bc3d69ac6364f75e

    • SHA1

      8a1cb5ee02c742e937febc57609ac312247ba386

    • SHA256

      90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213

    • SHA512

      57663e2c07b56024aaae07515ee3a56b2f5068ebb2f2dc42be95d1224376c2458da21c965aab6ae54de780cb874c2fc9de83d9089abf4536de0f50faca582d09

    • SSDEEP

      12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd

    Score
    3/10
    behavioral11behavioral12

    • Target

      Components/run.bat

    • Size

      1KB

    • MD5

      8cab2eebc99587ecf2f66fb2386a71a5

    • SHA1

      d563cdab7a4ffc17cb4b2a7208794d735d54318b

    • SHA256

      02ebb34fb62907271ebb16736feaad787f1da60b32cdbab9b30ef09286b9dbcd

    • SHA512

      d70f96d3dce164e3845e0fff2905775f079f7b9e06f21437bcee14dfcb77d41fcb1487beef795efaf070a439b79fc925b53e25cfa6956f6a30eac9e6832e9966

    Score
    1/10
    behavioral13behavioral14

    • Target

      Components/sigthief.py

    • Size

      10KB

    • MD5

      d3559eae0b0d56c618f1cb4c84007f62

    • SHA1

      482d6667850b42afeda3af132dbf3b3b76afe966

    • SHA256

      a795b6f56664614188ff7e3f7168eed5c88c820423a17200358e79325265e082

    • SHA512

      6ecfb74e74c5c0adb4f47448c3db3d0db6333a5635f2f1ac0cca0e1289080e5c9c01094eab1c5722a74d21b302296304d8c6cff00e1b7172a2d4d1b467d1a608

    • SSDEEP

      192:0/j5U9+6E0yWYSF/DwI6CRH2dCYwqSfU15dkAJH:06yMSfUU1l

    Score
    3/10
    behavioral15behavioral16

    • Target

      Components/stub.py

    • Size

      104KB

    • MD5

      094aaaa77f79893c5f53c05fbb7862de

    • SHA1

      782099a388b4796cd96434bceb9714960fa36bb7

    • SHA256

      999985a9d00858b7a007b68f004d4a5dd603f8984a187cb817f7adeb90cce10f

    • SHA512

      15aca84dab29f5e87d6bf38f79acda377f477ba4e61fa84d6a17771d2e7f528fe2e44f851b858c0b0c2b9077a58b5f57007fde6ae2b62bfaa07f8b45042bdcc4

    • SSDEEP

      3072:9eqOZ6qJnSAmVGn2kY4iajfmsD+ABFPAA2C4:sqOyWY4u0B34

    Score
    3/10
    behavioral17behavioral18

    • Target

      Components/upx.exe

    • Size

      525KB

    • MD5

      8a98406e32ed6139bd9e75342d452948

    • SHA1

      ed77737b88a7351d0bc5f542ddb7ce84f8f95588

    • SHA256

      a4240ea0e8a916d15f8391edef9705ab4de1f516dd360f0a336c5358686d434b

    • SHA512

      f5b17975560d97308a6ee66845225715e82bade9df7bc36821c76fe67fcf8d22929bf21b85e28dd11b7399d0109ab1f3786fd2010c2e5023d3a93d2bd5cf678b

    • SSDEEP

      12288:fOHsWPQsJdQmiR0eYG16fyP8RHzS75CaNgMYqIW7I2:2QmiWK16rRHzS7U6ip2

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral19behavioral20

    • Target

      Extras/unblock_sites.py

    • Size

      1KB

    • MD5

      0d1019573b112545f9fd41a4e0acc342

    • SHA1

      6ab1685e4d4aa3d16307325da3c8c6a65cc1cd2a

    • SHA256

      bf5c32f73990a16835b5b91f08647617dce973a68626ee4921bc5e2c5a07cafe

    • SHA512

      d4cdb37acabfe9013aa8cdec6cce9040a9d9c2b52570fa45f1a0750c29860b161d0446ded2d3f31c61676f42ab2be7c01c8cffc09ae64126510ee2d484e1c561

    Score
    3/10
    behavioral21behavioral22

    • Target

      env/Scripts/dist/7zxa.dll

    • Size

      220KB

    • MD5

      85026cfba1afed081a84f70c3cf46815

    • SHA1

      4231a9a70229fe7a6f8aa92109002caeb642a8ce

    • SHA256

      f4953bebeb4b71f3f83e4684c5349b0ee9263499df3cc0b2be830ef2c478d50a

    • SHA512

      742ad90f66c6815a61262c48685af7676cb94783e59fcd05d4f53329491e7b1c2be4c8f2c9eeeb02422f2a7b4d8ef224ffc39a76bc53270d2ce8e31df7fa8ebd

    • SSDEEP

      3072:fva4wzxd5iNVYCWprqMCRvAmpkZSXovw47iuoRIpzdSQCg2MPFWrRP+4jIPLQyAz:nqN/iYPrq2nwmx2HX0psmBgVay

    Score
    1/10
    behavioral23behavioral24

    • Target

      env/Scripts/dist/Default.SFX

    • Size

      327KB

    • MD5

      224f78b66ec07b08edc62ca0868ded3e

    • SHA1

      3c5b99f4f5ff152e7a56156b4966381789a33124

    • SHA256

      45def3b0f58e25c84c3c4a4c8d427d4fa1d4d6f0ddadff25e91698d9d8e937fc

    • SHA512

      d308c697df5b940ec779d2b324aa110b7d2f86d1ce854e0957b969bece41c101e2fbc1008e1cafc3a1e3ed8188561d0deb32288d52ab5c228db169f18fc983c2

    • SSDEEP

      3072:Gn2Af+SLiJO+Y7mR9USl6yOiGB3PSQQivLXdn+mvo+vuChrZtwkYZBwOepe4PUe6:jE+yclwQKjdn+WPtYVJIoBfRT+tk

    Score
    1/10
    behavioral25behavioral26

    • Target

      env/Scripts/dist/Default64.SFX

    • Size

      377KB

    • MD5

      34fad68e2cf5ede0c5ab7ea6d1dc8235

    • SHA1

      7362f3f274fcbf165dc03e721f316d536c2bce71

    • SHA256

      68e6ff144c7c4da87574fdb981f0d10512f5420b86c6f92f958bd8e3cf574e76

    • SHA512

      e6237d9ec867d16dcccf30fa74365b1b892f47bea2331791a7b89fb0a2d4951377cee6d94d1c2cb20e75cec9ba336fdab5e9ef63763bb4ca189bea47f061a1b8

    • SSDEEP

      6144:bRhYmJEYmYhDD0+VUqYJmUS7pKIl4YEtL72j2dHnKJ4oy3NXP/GDIoHD+T+tk:bjinYhf0+JYJmUS7pKISxa2JMyZP/FTl

    Score
    1/10
    behavioral27behavioral28

    • Target

      env/Scripts/dist/DefaultEn.SFX

    • Size

      326KB

    • MD5

      120508b3b012c40cf5e5acbcc573c586

    • SHA1

      032c088bbb21fa17411cbd142d3a1a68ce25482b

    • SHA256

      e3ac1431cf3564c2f6fb48960ddaa70ad78225ea7758af2156df08cbe723db37

    • SHA512

      648fbdf674cf4d46c27c7464f27b0746937e1f9e45815037adfabb20b265ec29aa5e4383317dd215081bd9422efbd504f10cc9d4ceea6351affe1435d3832915

    • SSDEEP

      3072:Dn2Af+SLiJO+Y7mR9USl6yOiGB3PSQQivLXdn+mvo+vuChrZtwkYZBwOepe4PUeg:SE+yclwQKjdn+WPtYVJIoBfv2X+t4

    Score
    1/10
    behavioral29behavioral30

    • Target

      env/Scripts/dist/DefaultEn64.SFX

    • Size

      377KB

    • MD5

      c8c0d9bcc38b11ae30033724290f523d

    • SHA1

      529dab11d8d59a45e5d26e308c72f8fcd5a37edc

    • SHA256

      7082e3133a693b6a9a196ad742f6a12a71c472afbcc0922f1c6fca29576d889a

    • SHA512

      b3653413ba7ce208a2e8246a79882e7d98e1dae6a2d1999978496ec3640a03ee8bcf13bbfb247e41677688cbc569acf814ac043db1423b0c5f617fd800edbf0c

    • SSDEEP

      6144:3RhYmJEYmYhDD0+VUqYJmUS7pKIl4YEtL72j2dHnKJ4oy3NXP/GDIoHDT1X+t4:3jinYhf0+JYJmUS7pKISxa2JMyZP/81B

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

upxpyinstaller
Score
8/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

upx
Score
7/10

behavioral20

upx
Score
7/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10