General

  • Target

    DriversCloud_Win_zx87g9z2kr_.exe

  • Size

    1.9MB

  • Sample

    240629-atmpqaweqa

  • MD5

    8da6433d405b55961e302babc9ffb1ff

  • SHA1

    803be7d4b874681e869de3837658bd61e7f8efde

  • SHA256

    879a1f5ebda081f1ca1db7750a0c159136288d1185d54fe0b01ee5f62ea169f9

  • SHA512

    00daa1952d755b4dbd437bdae434ac6312e795da737b5a5091856e0f2ddbf7eb51cc60e02ffb3f61a003da16c38752d118ca423bf56cd076a7baebcb15c2f742

  • SSDEEP

    49152:hdqn9ce9ET2Ja+4gM4tUBjbUqPEuH8jX6m7+D:hdeieiTi474tyjwIAX6m7w

Score
7/10
upx

Malware Config

Targets

    • Target

      DriversCloud_Win_zx87g9z2kr_.exe
    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/GetVersion.dll

    • Size

      12KB

    • MD5

      5bc8360ad248b21d4fd238619aa6d4db

    • SHA1

      4f4190ec05a4083e1ab01d999bee74efe9977ef6

    • SHA256

      5a6214167ee1c310cd3b0ff6684ce50bd67611010f6f4fe68aa0ed3a29b08991

    • SHA512

      e5b06a989e1bf2f22dbbd507eb025ea4c432d5a3e16d7029065251f867561f936838eb3f14d5dd784d151a6dc5a382d9d59b324f409c1374790cc6b7adcc0581

    • SSDEEP

      384:jaiW+WOKL66GFBi46AQ5Vuaf4c8ZpH3GCJEAeGA:Wzj6bsiRBEp/

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/NScurl.dll

    • Size

      3.8MB

    • MD5

      7a644e6337e0b2908de49746da16facb

    • SHA1

      03a331e701543e9d5499e178e475cb4374f51cf9

    • SHA256

      1a2eecda662f9ae819ff0f716e67125867951b0d2d49c841d202f866ab3e3aad

    • SHA512

      7adfa468d0dede904325f7e7283a12b06738d9699bedafdb04816254ef97a34c7a80f5af893dc4a8a8f04b4bc1a5bbccd8875a5fc89efddb83e2f72351ca9e08

    • SSDEEP

      98304:2gpYcx1NeQUDuQqF6moZR2GSb5BDoo/inycARfoD7iLHVBg5p1wUVZuA:2qpx1NeQUDZqYmoZR2GSbnE8cMfoD7uw

    Score
    1/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      18KB

    • MD5

      2db076f87de4a7671eb48f9a4ec6c59a

    • SHA1

      fe03da9ffa5ce73fdf4b742861c2dc94449b9e95

    • SHA256

      3a3e51c653a66e42a0422a0cef861f374843d227eb79ea31788d19e1f9d0628d

    • SHA512

      e535171ad7ef18fa275568125dd73135b610faa60a5c15987f639a6ce4af033937e820ba781cdbe1b74c2b55edc36bcce72f6894cd15e254e2b1ca765ce7e901

    • SSDEEP

      384:q/Qlt7wiij/lMRv/9V4bvrFf4c8ZpH3GCJEAZI7i:qaeiijipUviRBEef

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      15KB

    • MD5

      8cd70f1945da79795ff2efabecbad6c6

    • SHA1

      47ce283d49703babd6c54465937ccef75c8a74cd

    • SHA256

      9f95e57131a751dd802389271af6dd673ed68345024f09037835e3aacd46cd62

    • SHA512

      6b620f86d24516dcc2da142ee79b630d7fccdebaddeee1adda58a5fadd7174d72a6bcb0777d63e3cf571ae4d1d94088cc007213b3f75755b8fd97a383dde7dc6

    • SSDEEP

      384:8A7k8985U30WAw0hGIFc5f4c8ZpH3GCJEAvPw2FA:5Ni5U3/Aw0g5iRBEEq

    Score
    3/10
    • Target

      $PLUGINSDIR/xml.dll

    • Size

      655KB

    • MD5

      a0c4cc0fa4da74565189c1070852f2fc

    • SHA1

      8226cc52db9d6c31c58a17fc5a64ff0e38741815

    • SHA256

      1255e17c51649efa6ffd4b4fa045fbd5fcc2ef7f57e4719253e0d616306cd4b3

    • SHA512

      3ee7183b785625dcbaeb1b54f1c58ac3a01c6ffdf18f129bc233376aaddd8d7f2e82e0bf04afe540ab0db9c11117a74815b4b4f50822e654c997514f0897138e

    • SSDEEP

      12288:No+WEhu4KKmSdPy11hcB2niHDaG6hh+Whmiya5ccOqW3RBBppANW:3WElKichfh+Wh1yEccFcpANW

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks