Overview
overview: 10/10
Static
static: 3/10
JQX2P/TkRtoJe.exe (windows7-x64): 10/10
JQX2P/TkRtoJe.exe (windows10-2004-x64): 10/10
Xz1z1QPsm/...q6.exe (windows7-x64): 10/10
Xz1z1QPsm/...q6.exe (windows10-2004-x64): 10/10
w2tPGuJUS/...8Y.exe (windows7-x64): 10/10
w2tPGuJUS/...8Y.exe (windows10-2004-x64): 10/10
x2wg01JC/Q...5H.exe (windows7-x64): 3/10
x2wg01JC/Q...5H.exe (windows10-2004-x64): 3/10

General
Target: 远程控制.rar
Size: 45.9MB
Sample: 240713-nrv5za1emd
MD5: 3a8b2c8a3a6fe0451bee48ab02088c73
SHA1: 3b18d63c84b11c53a155dbbb329e23e69ef4bbf9
SHA256: 61f6292c090b98f23f5a1d287e2033d24be834caae0f663234912b0bc4331536
SHA512: cb074bda3017e27befbe723d7984c4168739821a58b252f3ee26b6d292d34020fcf97f5a6579b71d601063df05a96d0848ad02547a04f525b15e1ea19c235dbe
SSDEEP: 786432:xbLgI4gY5QLWpifviGzH0xOzqjgxQic2MajHNTSXCEwPYO3PClYVwyg34+bXpQyD:KItY5fCiGzH0Cd3c2MajtWXlwp3KYV9U

Static task
static1

Behavioral tasks
behavioral1: Sample JQX2P/TkRtoJe.exe, Resource win7-20240704-en
behavioral2: Sample JQX2P/TkRtoJe.exe, Resource win10v2004-20240709-en
behavioral3: Sample Xz1z1QPsm/8R52t3q6.exe, Resource win7-20240708-en
behavioral4: Sample Xz1z1QPsm/8R52t3q6.exe, Resource win10v2004-20240709-en
behavioral5: Sample w2tPGuJUS/65Pt428Y.exe, Resource win7-20240704-en
behavioral6: Sample w2tPGuJUS/65Pt428Y.exe, Resource win10v2004-20240709-en
behavioral7: Sample x2wg01JC/Qkt9goL5H.exe, Resource win7-20240704-en
behavioral8: Sample x2wg01JC/Qkt9goL5H.exe, Resource win10v2004-20240709-en

Malware Config
Targets
Target: JQX2P/TkRtoJe.exe
Size: 125KB
MD5: 1b86e7f23393360f0257228745cd77d2
SHA1: ae28f155181d942ed4fdd6f59d4f452cce940320
SHA256: 1ad6c4e0c4959acf66fec67c5c34c6e6bd034661972954f27fd9df8a07539569
SHA512: 799209aa6136ec71e42ef937f25d8209b66c955b25ab2031928931f19af823df26b15ed6b6d2ab098d9283e2ed964fe6f6af9e9ea6b08f5831bbab463bf589bf
SSDEEP: 3072:yt2IhJW9KaY3gc4AXcItYamdfduUQcJClt83p02K/5ySVF:1IzyKHaAFYtiUQaBw5ygF

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: Xz1z1QPsm/8R52t3q6.exe
Size, MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed for JQX2P/TkRtoJe.exe above.

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: w2tPGuJUS/65Pt428Y.exe
Size, MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed for JQX2P/TkRtoJe.exe above.

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: x2wg01JC/Qkt9goL5H.exe
Size, MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed for JQX2P/TkRtoJe.exe above.
Score: 3/10