Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

288492de51...c4.exe

windows7-x64

3

288492de51...c4.exe

windows10-2004-x64

3

$PLUGINSDIR/AMIH.dll

windows7-x64

1

$PLUGINSDIR/AMIH.dll

windows10-2004-x64

1

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...SC.dll

windows7-x64

3

$PLUGINSDI...SC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

AMBattery.dll

windows7-x64

7

AMBattery.dll

windows10-2004-x64

7

ArgusContr...ce.exe

windows7-x64

7

ArgusContr...ce.exe

windows10-2004-x64

7

ArgusMonitor.exe

windows7-x64

7

ArgusMonitor.exe

windows10-2004-x64

7

ArgusNetHandler.exe

windows7-x64

7

ArgusNetHandler.exe

windows10-2004-x64

7

GpuControl.exe

windows7-x64

1

GpuControl.exe

windows10-2004-x64

1

HWInit.dll

windows7-x64

7

HWInit.dll

windows10-2004-x64

7

libusb-1.0.dll

windows7-x64

3

libusb-1.0.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    288492de5197a9fa987cb4bc2463a93c5653e07a8bb0dc1d6bb31d620a26ecc4

  • Size

    10.0MB

  • Sample

    240611-1cfg7asejc

  • MD5

    f8d0b4f23270eca43d14522f3f748799

  • SHA1

    3c7aa797561d30cc37a2c38e6872b9d806c1d903

  • SHA256

    288492de5197a9fa987cb4bc2463a93c5653e07a8bb0dc1d6bb31d620a26ecc4

  • SHA512

    b55719e681d1b56dbfb14162bf2c514b7672dde367bb30ab48fc9c06982a585cc2cd88645ce4e6c172c5d0ff7554f69eee60f6b2527771c4beeef25355a32279

  • SSDEEP

    196608:ckgAPGT4LF7JNvRCHUngaa4jLQXPY7I7uUDkhye1ZNc1EAGNbJvqNntH8dTP4:ckom3kaa4jiY0SXbNkbDntcdTP4

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      288492de5197a9fa987cb4bc2463a93c5653e07a8bb0dc1d6bb31d620a26ecc4

    • Size

      10.0MB

    • MD5

      f8d0b4f23270eca43d14522f3f748799

    • SHA1

      3c7aa797561d30cc37a2c38e6872b9d806c1d903

    • SHA256

      288492de5197a9fa987cb4bc2463a93c5653e07a8bb0dc1d6bb31d620a26ecc4

    • SHA512

      b55719e681d1b56dbfb14162bf2c514b7672dde367bb30ab48fc9c06982a585cc2cd88645ce4e6c172c5d0ff7554f69eee60f6b2527771c4beeef25355a32279

    • SSDEEP

      196608:ckgAPGT4LF7JNvRCHUngaa4jLQXPY7I7uUDkhye1ZNc1EAGNbJvqNntH8dTP4:ckom3kaa4jiY0SXbNkbDntcdTP4

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/AMIH.dll

    • Size

      60KB

    • MD5

      d9a0c29bbd1c15a86dcc42df87fbbabf

    • SHA1

      3b82b10fe50db79f5802cc716e156769e6d73da4

    • SHA256

      b19ef6d852a44abc9d555b0b1c2adb6a68a950188ead37f6fc7d6aa986706677

    • SHA512

      d320de03d2b4b4fb8472cc6f2eac4ab19c0a29cb6aaf63526b65cde90b1956eb8b64c93ef08c67a947ae1b022e653528997bd091fc87724a121fa6102191c568

    • SSDEEP

      1536:4yz093DhvVtEAuKcS3BgROqBAM5C/P6KbHG8GLD9GZqC:4yzU31TDRgcGACms

    Score
    1/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      68b287f4067ba013e34a1339afdb1ea8

    • SHA1

      45ad585b3cc8e5a6af7b68f5d8269c97992130b3

    • SHA256

      18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026

    • SHA512

      06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb

    • SSDEEP

      48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/SimpleSC.dll

    • Size

      1.1MB

    • MD5

      7b89329c6d8693fb2f6a4330100490a0

    • SHA1

      851b605cdc1c390c4244db56659b6b9aa8abd22c

    • SHA256

      1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d

    • SHA512

      ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a

    • SSDEEP

      12288:fRdJsAp4dXFcLBz75cwoCmJKHwe6VuoH9v0D/LF5mM6:fBsmyVS151oCmJKE1dv0DX

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      6c3f8c94d0727894d706940a8a980543

    • SHA1

      0d1bcad901be377f38d579aafc0c41c0ef8dcefd

    • SHA256

      56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

    • SHA512

      2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

    • SSDEEP

      96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc

    Score
    3/10
    behavioral11behavioral12

    • Target

      AMBattery.dll

    • Size

      593KB

    • MD5

      46d7f8e0818db756ccc4208f131ac108

    • SHA1

      cf30de5fa739ade572eeaf8bd1d7b72dbdcfce9f

    • SHA256

      375f111e1aff6a4c38bedca2da3377ffd7073f85089e98545a98bfb722ae0047

    • SHA512

      d06d4eb3b51395091510ec68adb492503e3649fbfd79ec6e810d865c6d0f8cd98c654796ad8f728a5f5ea572499e033e60d39cd60d7620bd05344e7f80ec48a3

    • SSDEEP

      6144:mUc7Fe1sls7c1oxgplevQ56+YjZdMcyY0695zqrp1Aeps9PTQXx9wohVo5Oa6DMz:m21us7c1oxiYFRn2pazPTQXEoc56+

    Score
    7/10
    persistence
    behavioral13behavioral14

    • Target

      ArgusControlService.exe

    • Size

      1.0MB

    • MD5

      44802f543b38848b4125fc57be7aa915

    • SHA1

      b4d70f9ced45310522c40d4646e024576c0d2188

    • SHA256

      2318b54cdb0236690943872b9c3d7e06875cd7fd8b69f4925d4d2746ef33b15d

    • SHA512

      6436f0944986cb585bc4c50a839fdf865377d4473dca8d1c1a0fc52197e67c4a19c03a6f1006a54763931f3c7b92ea76857a4350c476f1ae5b3c3a6b286ee563

    • SSDEEP

      24576:Q/C9zN9Y/l0wuALzIOcgubW2skUeL3lY+J:Q/sml0wJRFubplY

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral15behavioral16

    • Target

      ArgusMonitor.exe

    • Size

      5.2MB

    • MD5

      ec29d0e790e7fc5c278b4935c48b3208

    • SHA1

      1cb92908b624779e421c536eb29ce71c08aa5426

    • SHA256

      7bc3395ec346e47fbbdafbaad7018db60dd7d21b9e22e04d852c54b836a1c592

    • SHA512

      e9a86200f03d32421f96aad0c793a84700c92017f66da826d58ff43f032ca661c93f1bda59a040c3fb5c9062e013d8835d65266235d15c58d061df2d4c7e13ee

    • SSDEEP

      98304:BJ/ThTC7iGAFZJ/6481OjUIWoQROIOUVKOH093ooQVXStgu1Y1Cg936yJkp:BJlTC7iGOu0jvS8R/4oQJSmhJO

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral17behavioral18

    • Target

      ArgusNetHandler.exe

    • Size

      1.7MB

    • MD5

      6db3c75ea1372b28856b31bdcfe5928a

    • SHA1

      b1a8e8bb5b2c15578df3d1c227e751b24ebcc3be

    • SHA256

      090ac34a1af421383ccf7d345a190c58d3eb6104c40c979a26072e4195fdc883

    • SHA512

      2e37e69b31bbfc1f012272434ee05aaa352030e45c6e3d37acfcf46a4957321e77240268565d84b17ff9f94addb73809ec37f8bb302356284da85a231f0ef210

    • SSDEEP

      49152:qvVYY8dHSWOkNj2elIZLs10/mpfafKNXd8qHn2ST5HgB:MVYYCHSWrBFSJmpf48znt+

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral19behavioral20

    • Target

      GpuControl.exe

    • Size

      219KB

    • MD5

      a0c284f291a69cd76954339eacf98385

    • SHA1

      43510c037c80de81ec49c6b3ffae63c1c8a1f483

    • SHA256

      779922ba62821c0cbd8e6be0fe6cf5c9647d2eed153b6dee00716b8db9598e10

    • SHA512

      f7a02fe7b6736e70158303469d23b093875ebb2f30e422df0c71f9b51012bbe874eeaa174e57d1cd7fe2b389cf9ef9f28539836e96e320a0af8684417096c2dc

    • SSDEEP

      3072:BfwXNGEJy7gXDi0kiv0we/rIjTZRopwnL8vcRdzmLgPdVH2Kc/55:BI4Edx70MlR1RKOVHtq

    Score
    1/10
    behavioral21behavioral22

    • Target

      HWInit.dll

    • Size

      32KB

    • MD5

      b8d6687a62dd8084b4df9217a1d3da4a

    • SHA1

      a6704a86b12a17f73faff5b687a1c635536346e2

    • SHA256

      fd57dab209b14e129fce1e1f55f1cd5fc6107dde8d2b6d05e80109ba56bc9201

    • SHA512

      686a48c156ea0b86189e2a8fc2f7d0e91cdd4e1dd53a55999074cd8f73b309415c90d535ae62d0b6c1b5c1b0eaaf26d119c2bba19bb1ad806af65cad5e31c913

    • SSDEEP

      768:H7IPuBAfkMishOdJ1fa0X4cAbmzv6Gly2yrxqx88JQ:HHAf9ishOJae4G6Gzxnm

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral23behavioral24

    • Target

      libusb-1.0.dll

    • Size

      256KB

    • MD5

      90a50cf50e4e3556ff1b53aefc8a06fb

    • SHA1

      be2ebb90ccb025fee7d6d380c5ab984253a94810

    • SHA256

      0760140d425269244c20bc4fb55f495598ab2b0e9db1584b28295799b18d90ef

    • SHA512

      6f17c0ac722508f07cd8677362b1c8b6cfcba9713dae858a488e0d90e039e74d2d5fefead416ddcba23f26298e4ec069243e381e220f38f30cfbba9495a12cea

    • SSDEEP

      3072:9JvlmaUCl73ao0rsF/xQ7z2EJbNfNJJcP3yc8o1B9nMnnIRFOE7KBT+rwJ:9BlNll7qo0rsF/u7zJlXch84BBSEeJ

    Score
    3/10
    behavioral25behavioral26

MITRE ATT&CK Enterprise v15

Tasks