Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e7599962a3...0N.exe

windows7-x64

3

e7599962a3...0N.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...64.exe

windows7-x64

3

$PLUGINSDI...64.exe

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...tp.dll

windows7-x64

3

$PLUGINSDI...tp.dll

windows10-2004-x64

3

$PLUGINSDI...tn.dll

windows7-x64

3

$PLUGINSDI...tn.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...ol.htm

windows7-x64

3

$PLUGINSDI...ol.htm

windows10-2004-x64

3

$PLUGINSDI...oll.js

windows7-x64

3

$PLUGINSDI...oll.js

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

YoukuDesktop.exe

windows7-x64

YoukuDesktop.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e7599962a35047eb9fef1bc68e3a1ec0N.exe

  • Size

    584KB

  • Sample

    240725-wew6havdmr

  • MD5

    e7599962a35047eb9fef1bc68e3a1ec0

  • SHA1

    a90fa535c26beb9712b2370bda874279db009bca

  • SHA256

    e600e96c5d671e21beb00fdaf71c226f50370b7b054d72dd4af6cf51da27dcb9

  • SHA512

    eafd3c72c6d031f62d562c3f60f0df3e720ae695fd7b224ad7d5a4b9c653189677d883af12c7d15709c219eed151905f89bb2e5a928895555819b70cfa73ffbe

  • SSDEEP

    12288:yEFseYDZRW8F8SsHBVowrNU3WxYP69f1h05Pp:ywOZRrWRhVowrNU3WkStGx

Score
3/10
discoveryexecution

Malware Config

Targets

    • Target

      e7599962a35047eb9fef1bc68e3a1ec0N.exe

    • Size

      584KB

    • MD5

      e7599962a35047eb9fef1bc68e3a1ec0

    • SHA1

      a90fa535c26beb9712b2370bda874279db009bca

    • SHA256

      e600e96c5d671e21beb00fdaf71c226f50370b7b054d72dd4af6cf51da27dcb9

    • SHA512

      eafd3c72c6d031f62d562c3f60f0df3e720ae695fd7b224ad7d5a4b9c653189677d883af12c7d15709c219eed151905f89bb2e5a928895555819b70cfa73ffbe

    • SSDEEP

      12288:yEFseYDZRW8F8SsHBVowrNU3WxYP69f1h05Pp:ywOZRrWRhVowrNU3WkStGx

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/FP_AX_CAB_INSTALLER64.exe

    • Size

      87KB

    • MD5

      dffabbe81cc7b6a546b8a441fc178555

    • SHA1

      9c644fa07dc95b7a813d2b091ff0fdaadc402b49

    • SHA256

      b02072a210a6a4605c05751d69405603cfc76ac51e35c87fe592ac0b6f4704d1

    • SHA512

      4fa1c2b9c34b32ca7f8d2345eaef5fd7f2d714287f6900ab7f749cc781aa648bcc1618ae534fd6578a1a797b588815e81efa3779d752890faa8f1f758683782d

    • SSDEEP

      1536:dWKkfQ/WhHO2Vg8kpVuie/IvEpzejfHwxkif+bjw1Qrrx8ncjaaY:dWKuQ+hH3Vg8qIiCMg8vwxkif+bjw1Qk

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/GetVersion.dll

    • Size

      6KB

    • MD5

      5264f7d6d89d1dc04955cfb391798446

    • SHA1

      211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc

    • SHA256

      7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4

    • SHA512

      80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7

    • SSDEEP

      96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/Rfshdktp.dll

    • Size

      2KB

    • MD5

      9410591a148871a6d0629cf25b94526f

    • SHA1

      be1e8b0fe8327f185136a0d2460a68f720484535

    • SHA256

      acc76e81f71e7f2ba58c36d678bc9ae4705e0187a3cdfa6d0025190467d9c0c7

    • SHA512

      465d3e418e769b907262e07cbca3d2c5132bf328431d456be09c059821be20a6d30106562d7ef0bfa93ca219b2abe57ee891d937419fc4b8840987b184b45df0

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/SkinBtn.dll

    • Size

      4KB

    • MD5

      e4ec95271ff1bcebab49bdfed6817a22

    • SHA1

      2c03e97f4773aea80ecdb98a1482e5896fe4677b

    • SHA256

      ee1c06692a757473737b0ebdef16f77b63afac864d0890022d905e4873737dd6

    • SHA512

      771a527133806307a1b17b7e956d6a3c16e9bc675bf084b43204ae784a057dac2726dbf90645692876043a4e7365ba8825c167621fde4760c79cd84679e2aa3d

    • SSDEEP

      48:iIf3aEDfeWm8JHFQbUrUPJJDFoetaxn/pFW3GNivz187eqzI/kMr8oX0Zbj:lv9Dfw8DQbhD2iaxn/PHmiNI/dQFZH

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/SkinProgress.dll

    • Size

      4KB

    • MD5

      cc037c4703d3ec257efeef2ce0a1a20e

    • SHA1

      b3d6cc8f687a31fb2c1a5921a38de9429af20502

    • SHA256

      888b32ecbc37ce67d4edc28d894cba0a4f4e2488cfc2212d1af011bd0bfe97ff

    • SHA512

      120bfa0a68775bef04c1863023b0e73a41982284fb36da7f497fbb7d5ed8631ad02fa09951424d339f6fefaa90a17c12f949dd68bb33bad64b1b7cace489d2a7

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      18KB

    • MD5

      f4c53393f965edc7b40b3db3ee795af9

    • SHA1

      59f45733ca2cd0af4155bdde3ca45fea9008f7ed

    • SHA256

      cd66ba3f2f35ed823e740addc1bca8dd8547e158d2b0000ced6b252433b5dd5e

    • SHA512

      37724bec245a9219c24a40e426635efaf9a582381ffbae70a9003756ff1e1566197747c568c46b3fc0cee114ca0bb259f57f3292979e16d8d9acaf6e046b8c8f

    • SSDEEP

      384:AXU8AHMsuAbwKKwFwcnAoIx2Ta5p2/V0H+mpbZ5BzISD:GAHvuiwhwFmBgV0HzpRzI

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/WebCtrl.dll

    • Size

      5KB

    • MD5

      418a34a689d5f9bb85fc951168749edb

    • SHA1

      0b75ce26883e12944abdbb67c143000fd0905d6b

    • SHA256

      915322078d1f8eb278250f446c1960e1555ffa0f8dcd048a48ed32fe7f5a5b3f

    • SHA512

      9aabb74cfd37cbda4718077ba76c7906e0f3ab5949e99f9d800fb1952757a60cabe29413f054f62e2887ff57aeb9d355532fd1662ebf3a523a500b20fe702b90

    • SSDEEP

      96:LyoDfEPD4Z0H3G7bLTb3LOg0AwBeRzrJ:LuP0aH3G/LX6g0x4Rz

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/WndSubclass.dll

    • Size

      4KB

    • MD5

      0a0218f11d82cdcc4f50de8edd58f3ca

    • SHA1

      ba387579a8ddd175811c762902a9bf3a51ba9fd2

    • SHA256

      938e4ae758aebc6f1609aab9f8d068689fba91c6f3bf5bb46e4df575616fcd29

    • SHA512

      46742bc09b5199ac16fb2753a4b1584fa1b39d497869719e297574dfbfe4a0aa86ba7c6b77ef38e5e27734005c9d15036c52a577b08cfdfa104daae2ee756a5e

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      $PLUGINSDIR/install_protocol.htm

    • Size

      21KB

    • MD5

      bbdc07da640480b0391f3cae5ba10772

    • SHA1

      a56ef016fc6a67b561449b4401f7e2e809950358

    • SHA256

      a22ee9e440827b7815d38679485b9fd3f310748d34ab66305f1c6f56cc593e3e

    • SHA512

      127244740730c54423c7697c0862948bf035499b30a142d769aa83d5ae72bb8fb326b7089872b6aa86e1f4a31caa2c7d3c83c0681392ac714d7eb2fe064fe021

    • SSDEEP

      384:m5kZ5mI2B3duy5abXY+vztniYKK8i/BEKxbSm+6os:m5kZ5mIShKXY+vz0YKBiZF2mAs

    Score
    3/10
    discovery
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/jsScroll.js

    • Size

      4KB

    • MD5

      24862d5a9c85c2c6792a26475de990bd

    • SHA1

      dc5aed9172656a8112ebd8144df1e8ee4d2b39d7

    • SHA256

      913da011a9a268a082669fb5f5d590f25e8f32e44bbd4b0e03e8e134712e0bbd

    • SHA512

      983e50f7ccf62c812336573bdb461c8d017dc02fa21ad5886aa95b89eb09768098fa89982e798b996463758c826000f95bbeb5a6dc0c6d3cfb1f5ef723611f67

    • SSDEEP

      96:Q+kET1Tt+484iCqPCvDdthTpFVDDlRcuP2hfdw:zx44845bNpbDERfy

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      4ccc4a742d4423f2f0ed744fd9c81f63

    • SHA1

      704f00a1acc327fd879cf75fc90d0b8f927c36bc

    • SHA256

      416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6

    • SHA512

      790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb

    • SSDEEP

      192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      05450face243b3a7472407b999b03a72

    • SHA1

      ffd88af2e338ae606c444390f7eaaf5f4aef2cd9

    • SHA256

      95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89

    • SHA512

      f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b

    Score
    3/10
    discovery
    behavioral29behavioral30

    • Target

      YoukuDesktop.exe

    • Size

      600KB

    • MD5

      ba5913a9aecd34a3c54912d0f2eb1453

    • SHA1

      0b074107e02d915633c3be1f750c2d7ebc4cec30

    • SHA256

      e98f72a05ab0cea14ed6449c5ddb9e3b257c62018743631f7898e975946ac3f0

    • SHA512

      b32ca005e1c8fe74158e4ff1bc4ca9d5c801587ad8631d0627f8f321ad6a55a94cc88143d38b83bc2688176f43a651618dcc5a7cae55a9487f15f5d0eb29c6d6

    • SSDEEP

      12288:gO3M4fugW2XFkBBRoWGVKJQOLgCwOxMiP+m3F5i:51bWGVbOfBMQF5i

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

Score
1/10

behavioral32

Score
1/10