Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

excord.js

windows10-1703-x64

3

neverlose ...ik.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    neverlose esoterik archive.rar

  • Size

    10.9MB

  • Sample

    240806-qe8lmszepk

  • MD5

    89dd8682d38462580bf0172eb3a5f9a3

  • SHA1

    db54e469c1852131535ac57e3c0d43562b12f5ae

  • SHA256

    2205d416f69c7b85d925f38b98a2a1cc37b957367a05f2d8af641fb8966192a4

  • SHA512

    3c571f73c03f3d8b50745dcd2e4fdf2672c895311d4b659c0de7221671dc6e3648318aa8360fdbfe29b0afe2cc1aa5d5c6942a188885c3ee14a87b90336d582b

  • SSDEEP

    196608:u4CxoZXvVPWYWoYTfqLXKdbbnKnYEZEfuo6EzvBUPgsVyXlmDHfctYDdeuo6jN1Z:7qMXv9WoY1NbKnefuo6GvsglmD/ciRLt

Score
7/10
discoveryexecutionpyinstallerupx

Malware Config

Targets

    • Target

      excord.lua

    • Size

      93KB

    • MD5

      c8a7c9b07c549b8101507953d7dfbc97

    • SHA1

      25ad0cd00063771cd45c6131aa43997a6dec0f8d

    • SHA256

      90be33d3da80b38f15055b3881ebadaf8559cd91902b92fc3ed07bb2a466da5f

    • SHA512

      fb5b79cd208cf82b69e5fa0e7dee3632d6823a4474ce0b600eb6a85cf33815e7cfbc0bf01054a218c40c140dc61fe7a6b6f3e6f5b69fda61b3ec172c011049b6

    • SSDEEP

      1536:vJSMqH+1+7FzaLiphqSXImzf58ytH9fJFZJn9HnRJK:vJSMqe8Bii7tzFdJNRA

    Score
    3/10
    execution
    behavioral1

    • Target

      neverlose by esoterik.exe

    • Size

      27.0MB

    • MD5

      60342229f517200cf5dae5596235fcd0

    • SHA1

      f150ae807cc1528267c7bbc85fa57b366d97803c

    • SHA256

      297a30e1befaf56a33705f64cd30777ab739d83339765064a84e8b5552fc8456

    • SHA512

      19547ffa4250b71a92edd888663de07219433da7d4d75c95170c48a564fcae6ba737babcbf3c86520dd63a5d2f2ca7e9bb56e20066b0dd23604e8e1ec4c15259

    • SSDEEP

      196608:NRrhPA0mtSHeNvX+wfm/pf+xfdkREZWKsnmrIWOzW0Daq1H:b2btSUvX+9/pWFGRyBsnmrIWeRa4H

    Score
    7/10
    discoveryupx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates processes with tasklist

      discovery
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks