Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

#Nḙw_PC�...!!.rar

windows7-x64

3

#Nḙw_PC�...!!.rar

windows10-2004-x64

3

flutter_windows.dll

windows7-x64

1

flutter_windows.dll

windows10-2004-x64

1

msvcp140.dll

windows7-x64

1

msvcp140.dll

windows10-2004-x64

1

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

10

tray_manag...in.dll

windows7-x64

1

tray_manag...in.dll

windows10-2004-x64

1

url_launch...in.dll

windows7-x64

1

url_launch...in.dll

windows10-2004-x64

1

vcruntime140.dll

windows7-x64

1

vcruntime140.dll

windows10-2004-x64

1

vcruntime140_1.dll

windows7-x64

1

vcruntime140_1.dll

windows10-2004-x64

1

vcruntime140_app.dll

windows7-x64

1

vcruntime140_app.dll

windows10-2004-x64

3

windows_si...in.dll

windows7-x64

1

windows_si...in.dll

windows10-2004-x64

1

x86/HDHelp...1].exe

windows7-x64

1

x86/HDHelp...1].exe

windows10-2004-x64

1

x86/NvSter...1].exe

windows7-x64

1

x86/NvSter...1].exe

windows10-2004-x64

3

x86/VSLaun...1].exe

windows7-x64

1

x86/VSLaun...1].exe

windows10-2004-x64

1

x86/api-ms...-1.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    #Nḙw_PCŜétup-44286-Pa$$wrD!!.rar

  • Size

    12.7MB

  • Sample

    240615-n9h85azdkh

  • MD5

    70253a95872e89b43b0f04761eca0221

  • SHA1

    c15d1bc61dd6dc92e495407b632d0c5c91c2ad7e

  • SHA256

    3aeea541c4fcdbf46b3e904522682e638b9ca7a981379864a72cf2274654419e

  • SHA512

    01384e44181a71e3a8932709e1b5ee3f72170d4b8a3f467b71811d9a5193af604fc9754dcb0c80e112ff2d755c0d780b9d87aa55391a66953f0d665066f89c6e

  • SSDEEP

    393216:cA2hvqLVDobbGZfAPkcUwchGES9Eq3KbhOiKQq:cIRDwGJQ10htiD6Sp

Score
10/10
stealcvidardiscoveryspywarestealer

Malware Config

Extracted

Family

stealc

rc4.plain

Targets

    • Target

      #Nḙw_PCŜétup-44286-Pa$$wrD!!.rar

    • Size

      12.7MB

    • MD5

      70253a95872e89b43b0f04761eca0221

    • SHA1

      c15d1bc61dd6dc92e495407b632d0c5c91c2ad7e

    • SHA256

      3aeea541c4fcdbf46b3e904522682e638b9ca7a981379864a72cf2274654419e

    • SHA512

      01384e44181a71e3a8932709e1b5ee3f72170d4b8a3f467b71811d9a5193af604fc9754dcb0c80e112ff2d755c0d780b9d87aa55391a66953f0d665066f89c6e

    • SSDEEP

      393216:cA2hvqLVDobbGZfAPkcUwchGES9Eq3KbhOiKQq:cIRDwGJQ10htiD6Sp

    Score
    3/10
    behavioral1behavioral2

    • Target

      flutter_windows.dll

    • Size

      17.4MB

    • MD5

      13db76e2323ba9a7358cca9fd7eb84fc

    • SHA1

      4318aea16e23c76d913a23831b00822d3f396db2

    • SHA256

      697646e72e876457d79913060cec08437cefa1565031949e75522532f8f84a49

    • SHA512

      ed0317442b8a9b2d280df802b89e3511e574f1ffb19f9accc2d3d1ff32342f5fae4b2c8ced4de18f161033a308b99a2dfd13435358ffd2d3ace852b7a365c9d4

    • SSDEEP

      98304:uceV/7q+mWCWfHzZm5bbJTCVbnL39s1qlYzauFIrwYhLoCRH3Sz+cyBgPvAEhZ3u:eEJTKth06CBAaVLCH

    Score
    1/10
    behavioral3behavioral4

    • Target

      msvcp140.dll

    • Size

      564KB

    • MD5

      1ba6d1cf0508775096f9e121a24e5863

    • SHA1

      df552810d779476610da3c8b956cc921ed6c91ae

    • SHA256

      74892d9b4028c05debaf0b9b5d9dc6d22f7956fa7d7eee00c681318c26792823

    • SHA512

      9887d9f5838aa1555ea87968e014edfe2f7747f138f1b551d1f609bc1d5d8214a5fdab0d76fcac98864c1da5eb81405ca373b2a30cb12203c011d89ea6d069af

    • SSDEEP

      12288:RBSNvy11qsslnxU/1ceqHiNHlOp/2M+UHHZpDLO+r2VhQEKZm+jWodEEVAdm:RBSDOFQEKZm+jWodEE2dm

    Score
    1/10
    behavioral5behavioral6

    • Target

      setup.exe

    • Size

      316KB

    • MD5

      c637e5ecf625b72f4bef9d28cd81d612

    • SHA1

      a2c1329d290e508ee9fd0eb81e7f25d57e450f8c

    • SHA256

      111c56593668be63e1e0c79a2d33d9e2d49cdf0c5100663c72045bc6b76e9fe6

    • SHA512

      727d78bab4fab3674eec92ca5f07df6a0095ab3b973dd227c599c70e8493592bb53bb9208cc6270713283ef0065acfad3203ddcf4dcb6d43f8727f09ceaaf2e4

    • SSDEEP

      6144:VzsRSKkhKKXDD2mTLGxelHJ+SBae3VFpSX:6VkhZWEGxelH0SBtfpS

    Score
    10/10
    stealcvidarstealerdiscoveryspyware

    • Detect Vidar Stealer

      stealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral7behavioral8

    • Target

      tray_manager_plugin.dll

    • Size

      113KB

    • MD5

      65dcbb76cbb2bbb1684186f1520e888d

    • SHA1

      25d656c1cb3c814776779bc53e0e2b937d8441f4

    • SHA256

      9c7e0de576932c8b2149849c96f3493bcae215f6db5996dbaf5ae1788697e8f0

    • SHA512

      e351547e551943db0267828e283797c81b593ec303cee4d4447226e86927acac93b87226e79e1a913a1ec397b4183b7ee81a2af8764f71d7fa73c41bb102d9ca

    • SSDEEP

      3072:IVV+oRKikJVXx0esFNKKr9VNLe1Zl1QaI:MVxRkJVh0esLKKr9VNLe1Zl1Q

    Score
    1/10
    behavioral10behavioral9

    • Target

      url_launcher_windows_plugin.dll

    • Size

      92KB

    • MD5

      7e6a40e0083af22b186b662553d679fc

    • SHA1

      b74c38d1d33004fb27b1df8003ecd4b87a5739c1

    • SHA256

      578323ec0b492e72987778af3811cd00b71171b1e84b92e720964543f8f3a183

    • SHA512

      3ac74e807bddffc2965cb3878a51e5c7c3b5eab2dcf8bc1ffaa41a56e20460cd01ff6b9a00d78e1aa021f5b9c38ba4f4726d37bf42749da4fa208e3f8985c114

    • SSDEEP

      1536:bFDb3dBYnaTP5ixDXEdOk99sVwC8LpL0lHBV8Pl4sA72+AIr:Bb3BTPMbQOk3sr8LpL0lHBV8PlHYQI

    Score
    1/10
    behavioral11behavioral12

    • Target

      vcruntime140.dll

    • Size

      106KB

    • MD5

      49c96cecda5c6c660a107d378fdfc3d4

    • SHA1

      00149b7a66723e3f0310f139489fe172f818ca8e

    • SHA256

      69320f278d90efaaeb67e2a1b55e5b0543883125834c812c8d9c39676e0494fc

    • SHA512

      e09e072f3095379b0c921d41d6e64f4f1cd78400594a2317cfb5e5dca03dedb5a8239ed89905c9e967d1acb376b0585a35addf6648422c7ddb472ce38b1ba60d

    • SSDEEP

      1536:BcghDMWyjXZZIzpdbJhKm6Kuzu8fsecbq8uOFQr+zMtY+zA:BVHyQNdbJAKuzRsecbq8uOFvyU

    Score
    1/10
    behavioral13behavioral14

    • Target

      vcruntime140_1.dll

    • Size

      48KB

    • MD5

      cf0a1c4776ffe23ada5e570fc36e39fe

    • SHA1

      2050fadecc11550ad9bde0b542bcf87e19d37f1a

    • SHA256

      6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47

    • SHA512

      d95cd98d22ca048d0fc5bca551c9db13d6fa705f6af120bbbb621cf2b30284bfdc7320d0a819bb26dab1e0a46253cc311a370bed4ef72ecb60c69791ed720168

    • SSDEEP

      768:a0Q4HUcGJZekJSam1BbuBSYcCZbiLzlSHji9z4GwZHji9znwT:afnDex5izbiLzlE+z4Gwl+zwT

    Score
    1/10
    behavioral15behavioral16

    • Target

      vcruntime140_app.dll

    • Size

      21KB

    • MD5

      c0f29bd3b0eb4d8795d609a0c52e0926

    • SHA1

      2f1958696d66edaf38079e370dcc2b41c7474122

    • SHA256

      813a447192c4fa7d25d0716b769399546f8bf6b31269dd8ad47f9812008d79e6

    • SHA512

      02bc56ad129a7d6382ba8d68b68a52fa70ace9bce68aae56d901bc60451982e358805e950ab49ae3d0c052c2ac6d44a6f5ab3679cd4ce2fbb205e4a8c7d7b670

    • SSDEEP

      384:K0g/dJiHlDoeuczbaj7wTfzvg55dHRN7ooiFWSlGs4kz:w/d8lDoeuczbaj7Cg9jHPs

    Score
    3/10
    behavioral17behavioral18

    • Target

      windows_single_instance_plugin.dll

    • Size

      82KB

    • MD5

      00c451a17ddfcd810086fb2ad794125a

    • SHA1

      feba77a0ca91f828099a3444a93ff11b6ce40fe5

    • SHA256

      f1430479210c19093d76435e5826e3578420933248b51164e11f0992f77ed1f1

    • SHA512

      6ea4d2556e0b82d017cde2a3c5c9b2881daca6b5af0e92cd10be886047eb6303085244ac1bb764e96595b3ca448504591c976dfefbffca8c6cbabe28f81e78c3

    • SSDEEP

      1536:ET2xnGrpBkhdFk3ffx9z7yEzONPf1GMn8cmu516pgTcHbm2iIr:EqFGPaFkvZF/zIf1GMn89u516pgY7mnI

    Score
    1/10
    behavioral19behavioral20

    • Target

      x86/HDHelper_[0MB]_[1].exe

    • Size

      566KB

    • MD5

      8a179892518a2c4e8a63afa91de7bdce

    • SHA1

      e9b095c966ccc4c4900b4cf741c067d2a0f43cd4

    • SHA256

      72ece91f65a461c5023695bf5f31b5b6b5bd629dba8407524e8144f6d1e160e8

    • SHA512

      91abb220c222a89a2df27818b8385b4015128a35b7d4c43d0f497717a4e5a55dfb9dc1da3f47a49a2400ea8300d41d52277331a6c7c3437ac5cb867a4027b220

    • SSDEEP

      12288:voJoMf8uSKkd/kAseRy/M96oQD08WjWYatid4TwzSxK/G8kHcL:CEKkd/wXMwoQJW6Ya5TwzUKeH8L

    Score
    1/10
    behavioral21behavioral22

    • Target

      x86/NvStereoUtilityOGL_[1MB]_[1].exe

    • Size

      1.1MB

    • MD5

      017cd77d01314e72a973ff0c7882453d

    • SHA1

      288238159cf18418149f5cd3475a6ebb9f45a631

    • SHA256

      c2c71318a17f7f767e5d203d22b48f27eecae46a4f37082d7b413c51da6183b3

    • SHA512

      b1d4c87e7d8585c16aa50499398c9a04d90bcd32ab36fbf7a357bc15abce0cd802a259cc7431de9fe2ca77aa68298aab5041157308be4601f7f7aa0c3c180b03

    • SSDEEP

      24576:zCVnoQHgdFnJhVaqajA4+ubDaSKYqSpamUbSBe:zgnoFFnJjaqajA4+yaSK5SpamUbSBe

    Score
    3/10
    behavioral23behavioral24

    • Target

      x86/VSLauncher_[0MB]_[1].exe

    • Size

      281KB

    • MD5

      7a7bb3b0e57e4fb32c57b74e78e657ad

    • SHA1

      f1dee943b1b6238b1466d83325c4099d189cd4b5

    • SHA256

      87048cff2227d2901314760618d23917cfbc5cc15fc22dc355e803c5ee5fb211

    • SHA512

      ef0c9985b640189ed9991b301cfbf9771df961e1bf67bf68c5833667db53977c9745bcfb42e059d8bb5bcd7a88253a715d86f65612dccc33514ccda3baaf24c2

    • SSDEEP

      3072:Dawahjy56hh65Ndqp9ikqtPLy0gJmU/3j41IGvQC2mCILuCW+VoNDRUiuDhJoueT:dLlavj41nDlDOO9uunwiLWyIE2n

    Score
    1/10
    behavioral25behavioral26

    • Target

      x86/api-ms-win-core-processthreads-l1-1-1.dll

    • Size

      17KB

    • MD5

      29001f316ccfc800e2246743df9b15b3

    • SHA1

      dc734266648d3463c1f8d88c1ce7d900a4e3b26c

    • SHA256

      e5ea2c21fb225090f7d0db6c6990d67b1558d8e834e86513bc8ba7a43c4e7b36

    • SHA512

      4cffc0c6f94fcd1155909993c622b9103abd7a7bce88742a10abd6a3496a334d667a39bb601f99eb174aa847d7dae056e0d9769754ca86320579b262a20a6599

    • SSDEEP

      384:WRtwDfIe9jWfhWC+Y3DGk8ZpH3GCJErra8o7Q+Y3DGUKn8JN77hhET:ape9A5DGkiRBEXaR70DGa3hqT

    Score
    1/10
    behavioral27

    • Target

      x86/api-ms-win-core-profile-l1-1-0.dll

    • Size

      16KB

    • MD5

      6ee66dca31c5cce57740d677c85b4ce7

    • SHA1

      8969db03f98f9548caf8e2d8c7f2f5cd7071f333

    • SHA256

      d00a0edace14715bf79dbd17b715d8a74a2300f0adb1f3fc137edfb7074c9b0a

    • SHA512

      592e3b6c689a0d6c87079c54c3e13e6ee1fc0c5c770abc854040e85464687c46f0a558be22f8759dbc4a100810386ee379ffe4359cf9091d9afae548bc597be2

    • SSDEEP

      384:WiIWfhWx+Y3DGk8ZpH3GCJErcx3l/r7+Y3DGU78JN77hhC6UHR:doDGkiRBEWV/rxDGT3h06UHR

    Score
    1/10
    behavioral28

    • Target

      x86/api-ms-win-core-rtlsupport-l1-1-0.dll

    • Size

      17KB

    • MD5

      0069fd29263c0dd90314c48bbce852ef

    • SHA1

      dfb99c850a69e67e85f0a0985659f325bd8f84fc

    • SHA256

      d11093fdc1d5c9213b9b2886ce91db3ded17ef8dae1615a8c7ffbc55b8e3f79b

    • SHA512

      71965e8dd2fd81d0c6dba4dbec8d2d1bfd4a644ef6bba4f6027de4bcdf9c07da16f27f2156c21b52e678c75f0a93a4bcbc3e1942f0a73f1eea5ff64b70662f70

    • SSDEEP

      384:WCGeVxWfhWD+Y3DGk8ZpH3GCJErYtN+Y3DGUO8JN77hhTew:3GeVmyDGkiRBEojDGa3h9ew

    Score
    1/10
    behavioral29

    • Target

      x86/api-ms-win-core-string-l1-1-0.dll

    • Size

      17KB

    • MD5

      2e5c29fc652f432b89a1afe187736c4d

    • SHA1

      96f8480b9339411d5d8c94918e983523b1a55c56

    • SHA256

      3807db7acf1b40c797e4d4c14a12c3806346ae56b25e205e600be3e635c18d4f

    • SHA512

      fe1135532e18127f2cfefaaa4a19020d6c790374f648dc93383d58ee52b147d1451af01b8624234bd5d77abe2451eb3e15cbe72a19d283f00cf78c05c43041df

    • SSDEEP

      384:W4yMv9WfhWx+Y3DGk8ZpH3GCJEr4ey/+Y3DGU888JN77hhnY1:DyMvaIDGkiRBEsnDGX3hxY1

    Score
    1/10
    behavioral30

    • Target

      x86/api-ms-win-core-synch-l1-1-0.dll

    • Size

      19KB

    • MD5

      979c67ba244e5328a1a2e588ff748e86

    • SHA1

      4c709ce527550eb7534cb6362afdb3623c98254e

    • SHA256

      8bb38a7a59fbaa792b3d5f34f94580429588c8c592929cbd307afd5579762abc

    • SHA512

      49f3c3319aa462b445c6a0b816e10034f6e5a9cf1250ea30b348cfa1ef71525e9f62e2f13253f61375f51fc574847de0d509cffa95103771be356327d5fef90d

    • SSDEEP

      384:Wjdv3V0dfpkXc0vVaCWfhWt+Y3DGk8ZpH3GCJErHZpn+Y3DGUrUN8JN77hhYl:Wdv3VqpkXc0vVabkDGkiRBEtplDGEUq8

    Score
    1/10
    behavioral31

    • Target

      x86/api-ms-win-core-synch-l1-2-0.dll

    • Size

      17KB

    • MD5

      659e4febc208545a2e23c0c8b881a30d

    • SHA1

      11b890cc05c1e7c95f59eda4bb8ce8bc12b81591

    • SHA256

      9ac63682e03d55a5d18405d336634af080dd0003b565d12a39d6d71aaa989f48

    • SHA512

      010ab6d3971fabd2a956f891b8d9d20ef487e722443b2882a1a329830dc5c80d262e03a844cd3f5c3e4efcfbad72b9e1fbbf7d9dc6cf85ed034d84726946ce07

    • SSDEEP

      384:WHtZ36WfhW8+Y3DGk8ZpH3GCJEFxMDD+Y3DGEC8q8JN77hhFGT:EbDGkiRBEsJDGS13hj+

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

stealcvidarstealer
Score
10/10

behavioral8

stealcvidardiscoveryspywarestealer
Score
10/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
3/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10