Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
New folder (10).rar
-
Size
17.3MB
-
Sample
240624-zmkzzsscmg
-
MD5
872c9174dabf3112a401d0f5aaf9f5d4
-
SHA1
de00d1c13085fdb50626324e28787695c13e196b
-
SHA256
141607cb1599b9798567420990f586708ea2a3b12ebf5c3de43ae088fbbec870
-
SHA512
8999b5f50d0539c574fbd5ae8d7c9a517e05d6cc748cef17e10c7f081303266fc958a6327d81db7d870847d1ca8ce6d26f8fa36552fac7d6ffaadbe749dbc1bb
-
SSDEEP
393216:ZiZdHPjZoBiNZJD0bH6ZlVD4zV+/56aR+aR:ZiZdvjCBQZJDPN4zVmRR
Malware Config
Targets
-
-
Target
New folder (10).rar
-
Size
17.3MB
-
MD5
872c9174dabf3112a401d0f5aaf9f5d4
-
SHA1
de00d1c13085fdb50626324e28787695c13e196b
-
SHA256
141607cb1599b9798567420990f586708ea2a3b12ebf5c3de43ae088fbbec870
-
SHA512
8999b5f50d0539c574fbd5ae8d7c9a517e05d6cc748cef17e10c7f081303266fc958a6327d81db7d870847d1ca8ce6d26f8fa36552fac7d6ffaadbe749dbc1bb
-
SSDEEP
393216:ZiZdHPjZoBiNZJD0bH6ZlVD4zV+/56aR+aR:ZiZdvjCBQZJDPN4zVmRR
Score3/10 -
-
-
Target
New folder (10)/Artic.exe
-
Size
9.1MB
-
MD5
a222517e57c3de9beb695be65f2b2cce
-
SHA1
d2c423dd84c8ba7bea6d1513be5233a7ffeb6878
-
SHA256
2a104aeb25c87c217ededd4f2dfb7c22f95196765e01ab70bcc16ed66fe7d8c9
-
SHA512
85e44314974b69bb2c7392784a699c52a954d4034773013cc02caf2bb8c9b2de961fac1704e4492726912619435024c0928af6b988b89b32209f3c113ab455c8
-
SSDEEP
196608:c0naZ/c/YLawDOsV3HyEpTLZuorLZIjBuS:cz/c/YLaTI3ppPEdB
Score3/10 -
-
-
Target
New folder (10)/Scripts/Hello.lua
-
Size
30B
-
MD5
c4e8cf74c582b384918156f92045fc97
-
SHA1
4b021ba3970bc9e63aa2f5a33214490c3aec64c4
-
SHA256
a40ad5fc4f3ce66f7b787dbefbaf70c9e5813d1cd6f3bd8cec177a46e8f9bcc7
-
SHA512
73f7a1f130e58909e7f6def392342ff98cfbb8701a13e94195868320e8598d1011f733a6fcc52fa4937c48adb3d43aa6604ba24ed9aefb6ce1abc5b960812845
Score3/10 -
-
-
Target
New folder (10)/autoexec.lnk
-
Size
1KB
-
MD5
b19200d719175d4052e4f7e855c6c66f
-
SHA1
a7bf64123aa000e23f7fb5a95a20fb6db6a5d23d
-
SHA256
d9398d3421ef9adc96dd6534f6157ad2498a63cd8ef453d93ec76a15e090a984
-
SHA512
69f9300c06217f6bec6cc5c87b43ec7a1fdca59d9185d9eea2eb1992403bb4643703353064debcc67b7e7284c8a9e0b5c1f26bd11fdba07f393611ceeab0a295
Score3/10 -
-
-
Target
New folder (10)/aworkspace.lnk
-
Size
1KB
-
MD5
bbefa0dcec58bb786d3658d7cd48f9a3
-
SHA1
1e119b0815087254324a40bf94d8a8b45eca3788
-
SHA256
23d2bfc79a8c02558fdeaba3ca032365eaffd9068063d931882180f3d9d5f167
-
SHA512
2f31716df0a6e02d4ad86166e8bb6319c733ad441a2c1872ca47726fa1325dd9bbbc220844e710157105c7bf5388fd42035deadf8ef8f7bda8a1b281e98a8b02
Score3/10 -
-
-
Target
New folder (10)/bin/ArticDLL.dll
-
Size
9.2MB
-
MD5
602aa90fe7c3d3dd958d041a28c01cf2
-
SHA1
a2cbc3bde48d8d764917dde1b56146e4a7a51a1f
-
SHA256
9f57c170461a90629a3a54149011ddffb321ba17ce6c5a2ad29dd3f953479499
-
SHA512
c756b3576bd77e6bb4eaaa886a6292b6edb3861d7865aa9f17359e1b071b7adf74ab2ffaf8e66b8f15948ae18e744273b9c3c233c0569362774bf78ca4e554d9
-
SSDEEP
196608:IDPZpEhP272r1ZULbBw+CjVrLqr/C0dnbX7Hv0vwJLt2IBFS2mSeIN:lhPZBGLbEF+r/Ck8v2LEIPp
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
New folder (10)/bin/artic.xshd
-
Size
8KB
-
MD5
660472b39fc3a869bd706dd5b13017b9
-
SHA1
77d9b9fe6df1b7a1fc0de77f7e743e9d38ca774b
-
SHA256
0aeebaf0d32af6beaf6f32e774feb23d2acaf7ddf2ddda3e6219c9a3b5bfcef2
-
SHA512
3c4d8211eea62b31feacbc08c68e143dd66678135a7d5adb57fb33a6892be0ecfcaa33acfdbd0d4476fc8571f2487c6bfa2f7c7edbf9e9e723e892cdcf960423
-
SSDEEP
48:dtQWr0fsBrAeXcjAJHuj6AujVTDujTM2rmHV71rWqNa/1n3BwoZT4v6jrGYIhyal:lIc05cy8VULk1CoXNOIyJKz
Score1/10 -
-
-
Target
New folder (10)/bin/ver.txt
-
Size
5B
-
MD5
b995cf21f72f7626005ed9769037c2d3
-
SHA1
0e42aad86f98b039b0fbb7343ec1807e80f5e6de
-
SHA256
7b58d6ca804e946f4db3e4de1236ccdc789fe6a0348cfa7e7e635b931661812a
-
SHA512
50ccbad3f49aaf756d487cda18dd28207dde94ab40bf20e27df11664e9507f5f45195a1c55a4fdea1aa923b06defd683ddab3a9072a91d66293552cf10e4b49a
Score1/10 -