General
-
Target
84191833c5c901371ab02036984d818c_JaffaCakes118
-
Size
266KB
-
Sample
240810-afag8swemq
-
MD5
84191833c5c901371ab02036984d818c
-
SHA1
711ba7a7a1cbbabc7c47857a1c8857ac9b623ae9
-
SHA256
d69ffc834e107c749462f1c39fbf1aeb1d6ffd344c3e3788e1b30268c142d2a1
-
SHA512
82da40e7da9b7f404edb5c0379acfe476ceb191b55725cdb584c5c625dd99216fcea293dce5580daafc7ebfbe766ceb283565ad46457e1c8e5bcefee106ce020
-
SSDEEP
6144:jsp7L8XBr5YUPPw6g/Oy6vix4Wa4tlBeANCbQIHfLYntsFLXx9Zg:op7AXJ5HRgUvzh4ZeA8TYn6I
Static task
static1
Behavioral task
behavioral1
Sample
xp-AntiSpy_setup-simplified-chinese.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
xp-AntiSpy_setup-simplified-chinese.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Uninstall.exe
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
Uninstall.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
xp-AntiSpy.chm
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
xp-AntiSpy.chm
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
xp-AntiSpy.exe
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
xp-AntiSpy.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
新云软件.url
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
新云软件.url
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
xp-AntiSpy_setup-simplified-chinese.exe
-
Size
301KB
-
MD5
c4060d4966fb91389ee0966334c3161a
-
SHA1
3286fda7158a3a2e9e0251f0be25436919c945eb
-
SHA256
c698e08514125abe6ae27f2a1db74a1e78dddb6983f0bd3fea19e6d5f1b1d8f7
-
SHA512
14f13537b1a66c88d3f2ba02c8e16e60f8cc36a17a43d7c5053e472d9027c2dd513b194f8ee442135bf332a003f3090aca4b4e13bedee856c76ab963533def72
-
SSDEEP
6144:Tr/3K7EY/bgErxDCT2ekezWWpqCp1YiUiJcruG:38E3yxDy2e2WJp12iJcruG
Score
7/10
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
12KB
-
MD5
b3ebe1cb6bdd529302c121dd4e2e0d00
-
SHA1
305f022e7e3ef0ae6cdc5f18bd6adc3032f64304
-
SHA256
5a1696f9892567b3339faf2bf4df5eb1d2d886c49807529028b65f0f493e79b2
-
SHA512
6f6ea4aec1588bb6f7ab4f8422942ac0acbddb8b916af2ead039b434bec6db4d0bf64deb3b8d6cc33666cabd70024a1208411ab6e0ee10bcf98c47951f8d359a
-
SSDEEP
384:7Klm7i+c3QW6ckPhyDEaLnu2bbBBIXwZ:mqi8BcyhEhLjbbTI
Score
3/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
6KB
-
MD5
cb1fc3cd20ead3e20cbba5d24bc850ae
-
SHA1
7a619e52ca6689c0b49ef39a5477461f9d216936
-
SHA256
079c8d22844c2806b2577c093059e1b0404f295f35b26314fab4ef56df8572dc
-
SHA512
4999ee0cfe07d900905cf626e6febcc148993519a09450fe5ebac2b33fe20e2aa60fe1895d6b1a565376149e5ef42183442c46aad7d808fdeda7f130ecbb134e
-
SSDEEP
96:v1C0Qaep2wbE+WH1/FMXF6CGQhFzK1KQ55nhElMmV4d:Rep2w5k/FyEtxgN
Score
3/10
-
-
Target
Uninstall.exe
-
Size
66KB
-
MD5
0fe54ab73b704ddb0462a11f6cb2e24f
-
SHA1
5b063f7a886d83a972172cd19c90ad09d980da0e
-
SHA256
2dbbb592dcb26ed520e6241553b0f59cff0ed805e1dbfbaed2891c5d59583e44
-
SHA512
03420d3d6eac8fe59f5791ad94877043422239f3f46b16c045b9133b81f036bb4c729466be5cbfb8a611147e18a81640f6cb95e963ba6116241a5a7d2387d60e
-
SSDEEP
768:/r9PAmQk+vuJlRYnQ5+lG0eIFodAQ3rFS6sWkJHCPNOQc142FtWwSICP8nn3gYRC:TVPH+sliQMJHSbkJiPUQcREYRN7k
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
xp-AntiSpy.chm
-
Size
132KB
-
MD5
b272339c21fc9144788d047809fba02e
-
SHA1
42a1769d746b2fa54113de0e2fe8781ef060bc49
-
SHA256
738ae0da08ff142c983bf1bc9c804e8e2eb25f15fdb3dd40ffd4d98f1da6f5e1
-
SHA512
289edf4403bca6c2128c35674925a54fc2f507b97bf945c31c379cdce6725819c896f7fa9ed3dd7820ea536dd377006f7fa2bb3876cf9016f49be190e293da4f
-
SSDEEP
3072:f9uTVL4hQZq+gn/LHyPT29AIbddQJG5nyZ1G744Ua9kE5:f9WVceZq/LHyKAIbEJ1Z1GE4UW5
Score
1/10
-
-
Target
xp-AntiSpy.exe
-
Size
300KB
-
MD5
9f687752732517a19fa52dbe1c4deb4b
-
SHA1
3c016d7aa7e7ec502760cb15b0be6eeaf2d2a528
-
SHA256
180232bde1f5280c659e6eae090b1d227e43e1c449fd684046461411ad44b9e1
-
SHA512
05eae246c09b5039ca2c785ea3ade9c771dbbdc454ec5f92624b134a4f4c2b238796493075803f7daa7b4ca59829b562fcae55c4f5f1c8a6cdf56253b38ac3a7
-
SSDEEP
6144:gwfM7nhTpLXoMyd5HZeCcDtPzX2Fhc68JNe:gKM7RpLXPY5OAjcfO
Score
3/10
-
-
Target
新云软件.url
-
Size
133B
-
MD5
4f0017b3b346bd0626f0c3b915e6e734
-
SHA1
823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
-
SHA256
df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
-
SHA512
0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score
1/10