General
-
Target
3f88e738a3ed1ad2aaab07b474da5910N.exe
-
Size
1.4MB
-
Sample
240714-3hwgpszelc
-
MD5
3f88e738a3ed1ad2aaab07b474da5910
-
SHA1
76c34461c171634f56ffb1335fead35d9f5878f2
-
SHA256
e06e7863d70d633589135d5f8801a19b09280d6bfb34cb3dec65d74ebebf6633
-
SHA512
bf5ba94b2f4253323f8484c899914c56847276cdd332ea0e46fc8cc08666337182a8ccc181b0528a865657cfc3414bfffabbfec795da48c5a4c9e01c4c54afd5
-
SSDEEP
24576:pmJJvwT8n4ZytMAgrvqGM0Vv0EnTd242/qZTIFHUe30/UeqxjYdnwAyRTnFlGl8n:pcAJZyNMz0YyqZ0FHXpRDGkDk8
Static task
static1
Behavioral task
behavioral1
Sample
3f88e738a3ed1ad2aaab07b474da5910N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3f88e738a3ed1ad2aaab07b474da5910N.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ProcDll.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ProcDll.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
$_2_/MiniQQDL.exe
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$_2_/MiniQQDL.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
$_2_/TenioDL/TNProxy.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$_2_/TenioDL/TNProxy.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
$_2_/TenioDL/TenioDL.dll
Resource
win7-20240705-en
Behavioral task
behavioral10
Sample
$_2_/TenioDL/TenioDL.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
$_2_/TenioDL/TenioDL.exe
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
$_2_/TenioDL/TenioDL.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
$_2_/TenioDL/atl80.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
$_2_/TenioDL/atl80.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
$_2_/TenioDL/bugreport.exe
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
$_2_/TenioDL/bugreport.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral17
Sample
$_2_/TenioDL/msvcp80.dll
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
$_2_/TenioDL/msvcp80.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
$_2_/TenioDL/msvcr80.dll
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
$_2_/TenioDL/msvcr80.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral21
Sample
$_2_/TenioDL/p2papi.dll
Resource
win7-20240704-en
Behavioral task
behavioral22
Sample
$_2_/TenioDL/p2papi.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral23
Sample
$_2_/TenioDL/p2papp.dll
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
$_2_/TenioDL/p2papp.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral25
Sample
$_2_/TenioDL/p2pcore.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
$_2_/TenioDL/p2pcore.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral27
Sample
$_2_/TenioDL/p2pdata.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
$_2_/TenioDL/p2pdata.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral29
Sample
$_2_/TenioDL/p2phttp.dll
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
$_2_/TenioDL/p2phttp.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral31
Sample
$_2_/atl80.dll
Resource
win7-20240708-en
Behavioral task
behavioral32
Sample
$_2_/atl80.dll
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
3f88e738a3ed1ad2aaab07b474da5910N.exe
-
Size
1.4MB
-
MD5
3f88e738a3ed1ad2aaab07b474da5910
-
SHA1
76c34461c171634f56ffb1335fead35d9f5878f2
-
SHA256
e06e7863d70d633589135d5f8801a19b09280d6bfb34cb3dec65d74ebebf6633
-
SHA512
bf5ba94b2f4253323f8484c899914c56847276cdd332ea0e46fc8cc08666337182a8ccc181b0528a865657cfc3414bfffabbfec795da48c5a4c9e01c4c54afd5
-
SSDEEP
24576:pmJJvwT8n4ZytMAgrvqGM0Vv0EnTd242/qZTIFHUe30/UeqxjYdnwAyRTnFlGl8n:pcAJZyNMz0YyqZ0FHXpRDGkDk8
-
Score
7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
-
Target
$PLUGINSDIR/ProcDll.dll
-
Size
63KB
-
MD5
ca5fe462579bce3707666a8c656105df
-
SHA1
5dea6f63e173da570590608a8a4c6e9ac523a6df
-
SHA256
6c4b8dd9e61c62cdb8e53e9cfb18aa1a980180fb9156371c47745e4292a9d2d8
-
SHA512
83f1939441186a83b4adf1e0f38a3d3947b8c6aa51839eab1ae496e154eb2742b2b07be37e97bfea68e24fffd7b7740f503aec5f718b6a037889f11bddf955a8
-
SSDEEP
1536:D2hKE2+c+aal9aRK+o0zfYUplU8wMIsCvpJxhV:Dkc+aaIKmftU8ZIsCTxhV
-
Score
3/10
-
Target
$_2_/MiniQQDL.exe
-
Size
201KB
-
MD5
3063dcc85aaf2789dc05d64349b04f60
-
SHA1
df0f098bb8d8f8fdc7794632a5f0746413cad50e
-
SHA256
ff00cb35393d600040be9c3bd363890e13188a257114c07dfe1f6f06e5f0d6f1
-
SHA512
7b9f56d348f420275a3788cf86fcb8ed5451a2c4b0961c51fa2144ad995c4ad66512ab34888065c8b1ac1b1c959183b86c0772e3c97507454a7a24beef2c9f32
-
SSDEEP
3072:4It9PPcuohxF7qGFAgAQb++ygfN9EVaN0+t9VPuFbwiiOvLhIVqj:4kcL5qr0vKVaC+rPaciiOVQqj
-
Score
7/10
Modifies file permissions
-
Target
$_2_/TenioDL/TNProxy.dll
-
Size
381KB
-
MD5
d5922567a24fc0dd563640c7c58f207b
-
SHA1
b8927d8a8b495a1e3900bc798fe13828e7119e43
-
SHA256
4050849dee043613c252d5f684092b54dac355943b95e16789bc982c3ab60683
-
SHA512
4fe661cc655e3f69e3010f9e081522cbd2e9b0604d72dbdf83ac4edfefaf1ff1aa3e4e431e214950620fa7b752a1f41be433319ff20551bbb1f1828ed023ad42
-
SSDEEP
6144:tzJn4huTMjHzBYFHiAr2io6E9XocLlDL3VjZYdnEnWOQrunDqUNu:YuTuArXoh9jLln3VWdnEnWOQrunWou
-
Score
1/10
-
Target
$_2_/TenioDL/TenioDL.dll
-
Size
261KB
-
MD5
a162db275914a5c7adcebf845af9fd07
-
SHA1
92b24aa4047876c0b7109ad5b0b595de3369fdc2
-
SHA256
923f5a90bc36564cb8f8b4107e3f0a46b797d9fa737e8533c8b9acc183c78162
-
SHA512
e4190800e07cb71b812e3e74d0a83a13fd5b3c5d764cb4c6deb49100a7040f48c55d518809c9d4ae20564b7ba2419a02c0ab716d3ac540e141f6ef440a267da2
-
SSDEEP
6144:ddefgHzZ+ApbWHTrc5Gh3wZmWTBc9sODOJ1gAowU7Oa5Y:ddUgTjbWzrcstwZmWTmEjgAowKY
-
Score
1/10
-
Target
$_2_/TenioDL/TenioDL.exe
-
Size
333KB
-
MD5
ce472064b917fdd429b07d10880c487f
-
SHA1
0c092116d67a5447f1f632c4e0e65a3b516a892c
-
SHA256
bdf2209a2cb6a7b9c3a0be4a7a0abdf988f446a4232973c6204ee2e4a2ed632a
-
SHA512
2b158fc4498e3756c17c8b44d2fc2464d62c639b6d425e72301c0f9b6f359a67e011d647c8de698c9e794cef0e65cb9efda34b63ed060611d97b0eadbf3c88d7
-
SSDEEP
6144:9TqmoyUiZ4Q5ihITwRYoOhQYtm5p4qpBtV/A5MGdTKLUaAxkBbOC+OJOh69A:9loyDZ4Q5ihRYEYtm5p4qpBtVo5MGdTh
-
Score
7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Modifies file permissions
-
Target
$_2_/TenioDL/atl80.dll
-
Size
94KB
-
MD5
3c7def3cbbca6284867aa4621d5d8a54
-
SHA1
4bd9852f1f063b9fd1e1829b756d381e14609fa7
-
SHA256
db18738202dcda842dce505ecd0b858d7b4c55886cac29827305f0dc3839143a
-
SHA512
1f9e89114a579bbb0c175d5fb587d58a923a0f556361b2f6c5ae3ffeb139539733e46edb3df1627fa630d5bc80cdf5ff311ca75754ca306345569cd48f51f2c4
-
SSDEEP
1536:RCYlLTNQQ/Nucs4hRKF+HnLoRsV1TlWh8XhylIjwaCi6imXmwxCU4tkm:R7LTNzNup4hAQHnLP+VXmwxCtk
-
Score
1/10
-
Target
$_2_/TenioDL/bugreport.exe
-
Size
273KB
-
MD5
365d266b98414bf164e2e0e33c944bce
-
SHA1
f8b76f222b404efb3c6b66053b86f0fbb5d51d54
-
SHA256
ec9269d5c79f40e04609b33ba6f9fabe41681b17a906ebce9e7ff76207b6f65e
-
SHA512
3aa60ea1c6f72cc7ee9d851f629ad2e247fa86ab7f8a7683b0de962902a9760dda233889a8eb9a097055ea6bd242623718ea7f3cd4be5005390a713142a18bdf
-
SSDEEP
3072:HIYPuy0BgFx6AfRz10Td72Sn4UvHbZ0IspRgNSSTBfQwgtXFn/qewqMfNdabc:CQxrzOTp5pbdZNSSTB8MqMf2c
-
Score
1/10
-
Target
$_2_/TenioDL/msvcp80.dll
-
Size
536KB
-
MD5
4c8a880eabc0b4d462cc4b2472116ea1
-
SHA1
d0a27f553c0fe0e507c7df079485b601d5b592e6
-
SHA256
2026f3c4f830dff6883b88e2647272a52a132f25eb42c0d423e36b3f65a94d08
-
SHA512
6a6cce8c232f46dab9b02d29be5e0675cc1e968e9c2d64d0abc008d20c0a7baeb103a5b1d9b348fa1c4b3af9797dbcb6e168b14b545fb15c2ccd926c3098c31c
-
SSDEEP
12288:Q1HyurvZ0JPjuTtSu86th1n/hUgiW6QR7t5j3Ooc8NHkC2eo:Q1HyurvZ0liTwuhtjnj3Ooc8NHkC2eo
-
Score
1/10
-
Target
$_2_/TenioDL/msvcr80.dll
-
Size
612KB
-
MD5
e4fece18310e23b1d8fee993e35e7a6f
-
SHA1
9fd3a7f0522d36c2bf0e64fc510c6eea3603b564
-
SHA256
02bdde38e4c6bd795a092d496b8d6060cdbe71e22ef4d7a204e3050c1be44fa9
-
SHA512
2fb5f8d63a39ba5e93505df3a643d14e286fe34b11984cbed4b88e8a07517c03efb3a7bf9d61cf1ec73b0a20d83f9e6068e61950a61d649b8d36082bb034ddfc
-
SSDEEP
12288:6Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeC:6Ui2C1JdoiEdmGyYu
-
Score
1/10
-
Target
$_2_/TenioDL/p2papi.dll
-
Size
437KB
-
MD5
5120752765a11e1a4d71e6c9d6f2a720
-
SHA1
18cdb039a788e64be485d8c242a9eb2761e87826
-
SHA256
f23545448f055dee379dee42ed95c9b7b6d7d8a1558814ec44544c0eda2f3797
-
SHA512
fd53007a369f3fd49b2ae6fdfeacb78253bcbae1015dd6770232be3e8c9f3634928129084bead359cf6befb6473d371e798de0a8d09b19f2697e5a83ee3b6af4
-
SSDEEP
6144:rEu//6tJyy68NRHTYXRnoMCcpqW+kfTTBqBGpsTOA0PmpTHt:4dtJyy68NRHMiMQWVfTTsBG9mht
-
Score
1/10
-
Target
$_2_/TenioDL/p2papp.dll
-
Size
169KB
-
MD5
1fe9e12c790cba0013e96c7f7b805366
-
SHA1
296aff428041ee5718dd2cefea89144077063b1c
-
SHA256
69c24cca97afaf85d8b77ea1b8c4b56a3dae255973aeafd00c588c438f5c0fb6
-
SHA512
4f63aa0041cb0de5dc96efeff1eeec6ab0f7d1418f8af0d78a12c3ef3892257211a860008ba17abd435c08cef542d1c93650522f7673406dc1d1f84b613d9251
-
SSDEEP
3072:0UFdQ65k6e3f88gV4aoWTBfPvqCVOgLxJKnQL:/r5kg8faoWTBvqCVOgzIQL
-
Score
1/10
-
Target
$_2_/TenioDL/p2pcore.dll
-
Size
445KB
-
MD5
0b85695db97bc8fd031032d92a087292
-
SHA1
7b3a60eb255292b565912d7661cc1d7cc9dedc20
-
SHA256
e4df17519d39d292d36e785786198e84d1f0b9b6ce868ce374bb28c82507b397
-
SHA512
1ff3af7e2d0d62a5ed94104b9c59529103a59619fc623206f20be56fb916f33b30f81e8a1ec306b7d920440343f5f5827f8d9de56a61765fb2b4f0b52a5c89f5
-
SSDEEP
6144:BNv7aTHbkmR6C0YaaLRqDR2aygBPX42/sRSbSzOABOs4Z:rTaLNwxaLwDR1yiPX4dRCNZ
-
Score
3/10
-
Target
$_2_/TenioDL/p2pdata.dll
-
Size
293KB
-
MD5
0a8116b1e43842e3c80283f92995d40b
-
SHA1
ea38ce4eb1e6f80ff3e94afa87ac8ae7e5133018
-
SHA256
5a6d5c77bd731243ae23161bf9717fd93a505d944a32233595e55a16507d82a8
-
SHA512
294dd800fb7e2c7e9721369cb02293fdd4da33a7ce4cb97801a70f80f229a195400a0c143d3ca4b815f7e990a755c0fc85998a82c81913857d843ec6dc3a2fcf
-
SSDEEP
6144:ibQk1vx1qHv/cFOxd2KQZA9py7iO/B1eO+fhNiOAeXHqf:wQk1vxqrdFQZA9py7L/XeO+f3DHqf
-
Score
3/10
-
Target
$_2_/TenioDL/p2phttp.dll
-
Size
153KB
-
MD5
14d39f3db649d39bea3e14db860e6d9f
-
SHA1
20f134b305dee5415263f9b9a8963e4759740146
-
SHA256
397f93340bc59f3c00f7054c58ec63b8b0b4512b0a5c4c8b658699357fbc6296
-
SHA512
69a6028bf7e74e4c1d4916593b7ff1c3173ea98e0d9ce52087f9bc276c8fddb1e8c8c245a2a6aa0c7e44ba5e7112483f8419407b5a45b5e33ba52490a3dcd436
-
SSDEEP
3072:iNlosWW4RKBz/hJqyFyDydHr4r71/nLjeUacHOAnRE2:OosEuqysOFrqeUaSOAn+2
-
Score
3/10
-
Target
$_2_/atl80.dll
-
Size
94KB
-
MD5
3c7def3cbbca6284867aa4621d5d8a54
-
SHA1
4bd9852f1f063b9fd1e1829b756d381e14609fa7
-
SHA256
db18738202dcda842dce505ecd0b858d7b4c55886cac29827305f0dc3839143a
-
SHA512
1f9e89114a579bbb0c175d5fb587d58a923a0f556361b2f6c5ae3ffeb139539733e46edb3df1627fa630d5bc80cdf5ff311ca75754ca306345569cd48f51f2c4
-
SSDEEP
1536:RCYlLTNQQ/Nucs4hRKF+HnLoRsV1TlWh8XhylIjwaCi6imXmwxCU4tkm:R7LTNzNup4hAQHnLP+VXmwxCtk
-
Score
1/10