General
-
Target
SpotifyPremium-main.zip
-
Size
73.5MB
-
Sample
240807-v1nktavbqc
-
MD5
8c8dbfcbc90ce2edb5e89e82119bebc6
-
SHA1
11e2f51fd6f59e89c78c052902cf812e73e9d11d
-
SHA256
875a892309034bae5d61ca84b5f82d6de3f8f7502276330735a1eef2afbe8547
-
SHA512
c8e9e8d47343bd179c5a810f772e2a29d65d4a4cee3935558a8ace1e6c127f705a154a78197ed882dbae28d8e479d7242489d606e857aca0fd0ee9084129410c
-
SSDEEP
1572864:1w6++nVLYtUVSCIea0B7yyojLIe50ucwypN6ohjiCrhrlWkzUfd:1G+nVLMUVdLzupXHypN6a9ukzUfd
Static task
static1
Behavioral task
behavioral1
Sample
SpotifyPremium-main/PatchSpotify.bat
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
SpotifyPremium-main/PatchSpotify.bat
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
SpotifyPremium-main/SpotifyFullSetup_v1.1.22.633.exe
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
SpotifyPremium-main/SpotifyFullSetup_v1.1.22.633.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
SpotifyPremium-main/chrome_elf.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
SpotifyPremium-main/chrome_elf.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
SpotifyPremium-main/PatchSpotify.bat
-
Size
555B
-
MD5
4ca101b1fe032e90dc8949e39bcdcf62
-
SHA1
928a6086baa6fa7004291d89ea552f8f69f8ff91
-
SHA256
67ca76e9f25b686b6931dbd2ea342eab2024476523dd2efa499898645fff3fcd
-
SHA512
302421d094bfa04a2c520f501d6bc82d5e3d56eed3d8240451ef34ce76d5b8b7f200fca73720e0b0b81863bd3e14b859e33fa7eca1ad064e83eedd85ac517cdd
-
Score
1/10
-
-
Target
SpotifyPremium-main/SpotifyFullSetup_v1.1.22.633.exe
-
Size
73.8MB
-
MD5
0110c6a8ce97ff3f935fdc76204664e7
-
SHA1
f6b6a5bc668743efd6450fad58c7dafc79b35bab
-
SHA256
a15c0e6d15233022cc903d352d186f87f3f8f6964f790a6325951f2b6adb4de3
-
SHA512
e704ee022f24e8fbc06fa7a41cfef430626cf5e67f62f31b20cfed64abfcc444e4028ab1cb3110f470bd579257912358009689cf9876d620468b703d59a77c45
-
SSDEEP
1572864:Odi2YmBJDolobiCOCIIJbg0ahx6W5KscS+rf08vLq+H1n18q7Ixz:aamBJDWoblVNq5t9+rf0Wjoq7Ixz
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
SpotifyPremium-main/chrome_elf.dll
-
Size
193KB
-
MD5
5b8c50ae2790034c81a947269470f214
-
SHA1
72fe48dd2b34e6f6eb9a89d7ba34979effa1a69f
-
SHA256
ec66275d4ead8b6fc8e4c8fa5200a4917787c94522bf0cf35685002525944623
-
SHA512
5f05ddeb40603062b4b209fc11abb5afce18c6cdba8cdad1d5ce7ce5d6b6b0e107efa54d15dd1ac080934d998858ee096536206e40f7ddbcba891cc16ebc4f2d
-
SSDEEP
6144:K+28aobZkgYQcMZ3kVawuD8eTAOrd6zZd:NxWgYGyuD8kOzZ
-
Score
3/10
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Modify Registry
3
Subvert Trust Controls
1
Install Root Certificate
1