Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

PingPlotte...FF.exe

windows7-x64

1

PingPlotte...FF.exe

windows10-2004-x64

1

PingPlotte...ll.exe

windows7-x64

6

PingPlotte...ll.exe

windows10-2004-x64

6

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$_4_.msi

windows7-x64

6

$_4_.msi

windows10-2004-x64

6

Resubmissions

12/06/2024, 04:57

240612-flpr1a1flp 6

12/06/2024, 04:52

240612-fhvtva1eqd 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PingPlotter Professional 5.24.3.8913 [Programs.TheMicroTech.Net].zip

  • Size

    21.8MB

  • Sample

    240612-fhvtva1eqd

  • MD5

    06b28940f886c3a1b4725d771f17627e

  • SHA1

    ed052cbc64558c946ee3c9a291c6d4a38df88d30

  • SHA256

    653d46b5d17c5fd51248e6dde5adc57a5d7621299b7561cecf2479464da44efd

  • SHA512

    78cf2fba2b784e9450c2e3f6de7f721add508fbfa7458970bfc0ab31f72f00740d50c2838194898310a4956925ed7a3182579f2f81bbf0b7859d9c8b03b7d623

  • SSDEEP

    393216:0f+9iAgusmjmj+8/Znma5RPf72BLYJjPXjyT2u0wbkY0tD20yoZYp6uspWfPfUgp:0Q1gDmjPKl2BMJST2upxJwYp6dp6vK2T

Score
6/10

Malware Config

Targets

    • Target

      PingPlotter Professional 5.24.3.8913/KEYGEN-FFF/PingPlotter.v3.30.4_KEYGEN-FFF.exe

    • Size

      471KB

    • MD5

      cb3267e801381492384e401d53880716

    • SHA1

      d313acc4478a87015da03935a4bd0cee76afa42e

    • SHA256

      6b8e8068c0c816861b00ffc82c54ecb32446c60d50d1b33fd3bce336747435d7

    • SHA512

      0b0064e76a8b02866a0ef39b9f296906aee022dcbd5f94838264d50f7ba3ef8442c90fa27d11f78f61aa5dd8c9b56072cc508c9849d6d57344efe06d2cc2aa76

    • SSDEEP

      12288:n1gnI0R3PDUFfhbXzAZqGZlxt1vGzjHIzJVmMEJ:nqR3PDUFJbjAkGDTwHcMJ

    Score
    1/10
    behavioral1behavioral2

    • Target

      PingPlotter Professional 5.24.3.8913/pingplotter_install.exe

    • Size

      21.4MB

    • MD5

      ae2015bc36bb8a0b872d049430c622c2

    • SHA1

      c11db0f26d3554dea55b601eecdc50f90eae785d

    • SHA256

      3586e0620442b8dfe2ae80f14dd389c224a7b9db7e6b9b29779a5b3d28e4a47f

    • SHA512

      85c3b9380c2a803bb2f3f64a667bc062f0ee786f9bc5d50f6ce5157055eae20c76f6c6ae3d0ead0a89f011925dd7bb8097d5c6014c2fb5b077cf5ff734cceaf0

    • SSDEEP

      393216:SeHSB8FeRF1NDgVEoZM9m5boLMMzgO+8+X7gj/pIBibcqBKOCCtbP:YzXay9UoL5+RgjLRgEP

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/DotNetChecker.dll

    • Size

      84KB

    • MD5

      f18364fa5084add86c6e73e457404f18

    • SHA1

      6d87c4b9dbf78af88fddf0d4d5febe845c8e4e6a

    • SHA256

      39c43d67f546fc898f7406d213b73dcb1bc30fc811ddfa3a02b6b50c29d11f91

    • SHA512

      716892492390fe4314f3289286f733d07b8b84de1f5af0676b26e68c0be01808682d35ad2bb9e9491247b7bb5a0ea297a6850e26de9baf88621c789206107db3

    • SSDEEP

      1536:AZBjgSXlkq8su+OudgGpGlmQSMqJS4HGsorJKQUDs0OsWPIcdGbk2HeJ:AYvo7PMqEuiKQGbk2HeJ

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      37KB

    • MD5

      0493dcc333f413ae01afb74652128fe8

    • SHA1

      c6c5d131279da08a54efc7ec565ec03863f62baf

    • SHA256

      23da25dbf9f9392e29652084881d7ecedec770bc672800d8300b3f902594e890

    • SHA512

      113c81010a55181d2ed9dd6cf197fc7c14c3caea06fb4bfe56534eb6075969d2ef4a86ab516217c6a26e2eab892c3d5a0d446b80038d5972fbb8ea8e09093f0e

    • SSDEEP

      384:SRHnRp1w0RUPEACdnlfyXNEkbLitX44KmIQxMkioOcJAMzT8P5nwHkzkBOoWzpf3:cRp1kP8NgWk6tohm7xFi4iMfdOoWRA

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      ca332bb753b0775d5e806e236ddcec55

    • SHA1

      f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f

    • SHA256

      df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d

    • SHA512

      2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00

    • SSDEEP

      192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsisdl.dll

    • Size

      15KB

    • MD5

      39b76431ab111d118f6759c1946a89b4

    • SHA1

      ae3704cc4d1585c79a0ca5e757c95d5288790b97

    • SHA256

      1dd9cf437ce9a98db66d1132c8e116531d0b0c08b06226045652382918a23dbc

    • SHA512

      9d65b6a004c5fbd0e9bfcef5319e32993d41c3023f82bfa4b946cadb6d8946694efec2d6808fba82f3c9542020527b1b80a90f5f043ebaa076fe78d224ee5fe8

    • SSDEEP

      384:shyd8Y6pu8ZaLf6Uksnw1g8BUcyHisU/b:shyd8Y67WGg8B/Eiv

    Score
    3/10
    behavioral11behavioral12

    • Target

      $_4_

    • Size

      68.0MB

    • MD5

      d338244a4c63c6829ba63a436cd96bca

    • SHA1

      cf5b67a36f27990ae89933913b8e09c48360837c

    • SHA256

      c04393d32a045faa0940dc56f91d456935060cfa995cf3caee948ef09ab5cd33

    • SHA512

      ac5ed089a9ca48a7a997cf6053d7a8dec41b729f1ee456051ffc23373425bf62a2f82df9027176fa614b39c335ca86b4e23633fe50359fc0392a54ff47744b46

    • SSDEEP

      393216:wst/V4e0wTkW4rjtNkWbNUz6sdhq1Dzw7RvPm0DMFGwyZyjVhlwdLnoIXXsagvHs:wUqWYXkW5Ujqhzw7RvtYrHs9os

    Score
    6/10

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks