General

  • Target

    New folder (10).rar

  • Size

    17.3MB

  • Sample

    240624-zmkzzsscmg

  • MD5

    872c9174dabf3112a401d0f5aaf9f5d4

  • SHA1

    de00d1c13085fdb50626324e28787695c13e196b

  • SHA256

    141607cb1599b9798567420990f586708ea2a3b12ebf5c3de43ae088fbbec870

  • SHA512

    8999b5f50d0539c574fbd5ae8d7c9a517e05d6cc748cef17e10c7f081303266fc958a6327d81db7d870847d1ca8ce6d26f8fa36552fac7d6ffaadbe749dbc1bb

  • SSDEEP

    393216:ZiZdHPjZoBiNZJD0bH6ZlVD4zV+/56aR+aR:ZiZdvjCBQZJDPN4zVmRR

Score
9/10

Targets

    • Target

      New folder (10).rar

    • Size

      17.3MB

    • MD5

      872c9174dabf3112a401d0f5aaf9f5d4

    • SHA1

      de00d1c13085fdb50626324e28787695c13e196b

    • SHA256

      141607cb1599b9798567420990f586708ea2a3b12ebf5c3de43ae088fbbec870

    • SHA512

      8999b5f50d0539c574fbd5ae8d7c9a517e05d6cc748cef17e10c7f081303266fc958a6327d81db7d870847d1ca8ce6d26f8fa36552fac7d6ffaadbe749dbc1bb

    • SSDEEP

      393216:ZiZdHPjZoBiNZJD0bH6ZlVD4zV+/56aR+aR:ZiZdvjCBQZJDPN4zVmRR

    • Score

      3/10

    • Target

      New folder (10)/Artic.exe

    • Size

      9.1MB

    • MD5

      a222517e57c3de9beb695be65f2b2cce

    • SHA1

      d2c423dd84c8ba7bea6d1513be5233a7ffeb6878

    • SHA256

      2a104aeb25c87c217ededd4f2dfb7c22f95196765e01ab70bcc16ed66fe7d8c9

    • SHA512

      85e44314974b69bb2c7392784a699c52a954d4034773013cc02caf2bb8c9b2de961fac1704e4492726912619435024c0928af6b988b89b32209f3c113ab455c8

    • SSDEEP

      196608:c0naZ/c/YLawDOsV3HyEpTLZuorLZIjBuS:cz/c/YLaTI3ppPEdB

    • Score

      3/10

    • Target

      New folder (10)/Scripts/Hello.lua

    • Size

      30B

    • MD5

      c4e8cf74c582b384918156f92045fc97

    • SHA1

      4b021ba3970bc9e63aa2f5a33214490c3aec64c4

    • SHA256

      a40ad5fc4f3ce66f7b787dbefbaf70c9e5813d1cd6f3bd8cec177a46e8f9bcc7

    • SHA512

      73f7a1f130e58909e7f6def392342ff98cfbb8701a13e94195868320e8598d1011f733a6fcc52fa4937c48adb3d43aa6604ba24ed9aefb6ce1abc5b960812845

    • Score

      3/10

    • Target

      New folder (10)/autoexec.lnk

    • Size

      1KB

    • MD5

      b19200d719175d4052e4f7e855c6c66f

    • SHA1

      a7bf64123aa000e23f7fb5a95a20fb6db6a5d23d

    • SHA256

      d9398d3421ef9adc96dd6534f6157ad2498a63cd8ef453d93ec76a15e090a984

    • SHA512

      69f9300c06217f6bec6cc5c87b43ec7a1fdca59d9185d9eea2eb1992403bb4643703353064debcc67b7e7284c8a9e0b5c1f26bd11fdba07f393611ceeab0a295

    • Score

      3/10

    • Target

      New folder (10)/aworkspace.lnk

    • Size

      1KB

    • MD5

      bbefa0dcec58bb786d3658d7cd48f9a3

    • SHA1

      1e119b0815087254324a40bf94d8a8b45eca3788

    • SHA256

      23d2bfc79a8c02558fdeaba3ca032365eaffd9068063d931882180f3d9d5f167

    • SHA512

      2f31716df0a6e02d4ad86166e8bb6319c733ad441a2c1872ca47726fa1325dd9bbbc220844e710157105c7bf5388fd42035deadf8ef8f7bda8a1b281e98a8b02

    • Score

      3/10

    • Target

      New folder (10)/bin/ArticDLL.dll

    • Size

      9.2MB

    • MD5

      602aa90fe7c3d3dd958d041a28c01cf2

    • SHA1

      a2cbc3bde48d8d764917dde1b56146e4a7a51a1f

    • SHA256

      9f57c170461a90629a3a54149011ddffb321ba17ce6c5a2ad29dd3f953479499

    • SHA512

      c756b3576bd77e6bb4eaaa886a6292b6edb3861d7865aa9f17359e1b071b7adf74ab2ffaf8e66b8f15948ae18e744273b9c3c233c0569362774bf78ca4e554d9

    • SSDEEP

      196608:IDPZpEhP272r1ZULbBw+CjVrLqr/C0dnbX7Hv0vwJLt2IBFS2mSeIN:lhPZBGLbEF+r/Ck8v2LEIPp

    • Score

      9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      New folder (10)/bin/artic.xshd

    • Size

      8KB

    • MD5

      660472b39fc3a869bd706dd5b13017b9

    • SHA1

      77d9b9fe6df1b7a1fc0de77f7e743e9d38ca774b

    • SHA256

      0aeebaf0d32af6beaf6f32e774feb23d2acaf7ddf2ddda3e6219c9a3b5bfcef2

    • SHA512

      3c4d8211eea62b31feacbc08c68e143dd66678135a7d5adb57fb33a6892be0ecfcaa33acfdbd0d4476fc8571f2487c6bfa2f7c7edbf9e9e723e892cdcf960423

    • SSDEEP

      48:dtQWr0fsBrAeXcjAJHuj6AujVTDujTM2rmHV71rWqNa/1n3BwoZT4v6jrGYIhyal:lIc05cy8VULk1CoXNOIyJKz

    • Score

      1/10

    • Target

      New folder (10)/bin/ver.txt

    • Size

      5B

    • MD5

      b995cf21f72f7626005ed9769037c2d3

    • SHA1

      0e42aad86f98b039b0fbb7343ec1807e80f5e6de

    • SHA256

      7b58d6ca804e946f4db3e4de1236ccdc789fe6a0348cfa7e7e635b931661812a

    • SHA512

      50ccbad3f49aaf756d487cda18dd28207dde94ab40bf20e27df11664e9507f5f45195a1c55a4fdea1aa923b06defd683ddab3a9072a91d66293552cf10e4b49a

    • Score

      1/10
