Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

FluxTeam.zip

windows7-x64

3

FluxTeam.zip

windows10-2004-x64

1

FluxTeam/FluxTeam.exe

windows7-x64

3

FluxTeam/FluxTeam.exe

windows10-2004-x64

6

FluxTeam/F...xe.xml

windows7-x64

3

FluxTeam/F...xe.xml

windows10-2004-x64

1

FluxTeam/Guna.UI2.dll

windows7-x64

1

FluxTeam/Guna.UI2.dll

windows10-2004-x64

1

FluxTeam/M...ain.js

windows7-x64

3

FluxTeam/M...ain.js

windows10-2004-x64

3

FluxTeam/M...bat.js

windows7-x64

3

FluxTeam/M...bat.js

windows10-2004-x64

3

FluxTeam/M...fee.js

windows7-x64

3

FluxTeam/M...fee.js

windows10-2004-x64

3

FluxTeam/M...cpp.js

windows7-x64

3

FluxTeam/M...cpp.js

windows10-2004-x64

3

FluxTeam/M...arp.js

windows7-x64

3

FluxTeam/M...arp.js

windows10-2004-x64

3

FluxTeam/M...csp.js

windows7-x64

3

FluxTeam/M...csp.js

windows10-2004-x64

3

FluxTeam/M...css.js

windows7-x64

3

FluxTeam/M...css.js

windows10-2004-x64

3

FluxTeam/M...ile.js

windows7-x64

3

FluxTeam/M...ile.js

windows10-2004-x64

3

FluxTeam/M...arp.js

windows7-x64

3

FluxTeam/M...arp.js

windows10-2004-x64

3

FluxTeam/M.../go.js

windows7-x64

3

FluxTeam/M.../go.js

windows10-2004-x64

3

FluxTeam/M...ars.js

windows7-x64

3

FluxTeam/M...ars.js

windows10-2004-x64

3

FluxTeam/M...tml.js

windows7-x64

3

FluxTeam/M...tml.js

windows10-2004-x64

3

Resubmissions

10/08/2024, 11:21

240810-nf71dsxbkk 6

10/08/2024, 11:15

240810-ncwg7a1cpb 3

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/08/2024, 11:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FluxTeam/FluxTeam.exe

  • Size

    443KB

  • MD5

    40918b19a89cc4dcf6ec03c7f07ccd35

  • SHA1

    26ec973875e0a5b4d4bb0b3eef70a701f3b86c70

  • SHA256

    f723a08340dd51b9264b6dd4b9105634b4537428bc86e1efd93af768501dd66b

  • SHA512

    ce5dbdeb674cf3daabaab3779ec749f7114177dc251e79aafaee4bc46b33b453355ee2b02dc146b93b22693540da104bcb256fe4512b8933c5f8774a34f9f31b

  • SSDEEP

    3072:lE9B3Bqu9ifFz2VGjaHyMeu8xgIEMiu9iM:QB3BT9CCVGYxerxgIEMr9

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FluxTeam\FluxTeam.exe
    "C:\Users\Admin\AppData\Local\Temp\FluxTeam\FluxTeam.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=FluxTeam.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2308
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d09a21f2171989e6a8468752702e54c

    SHA1

    d718ca70f69742c9b6f4c6f59688f92f8ef62610

    SHA256

    718622d125ff5df8bac258f098946fdae9a39365b41164246cf81574df48501c

    SHA512

    30a1fcf07bb750e8f97d8c427c1b8c86d522d3b70e1491c46b56abb921c84fafdd51ca0cd5309963ac47f1ff14f4f5f60689f772ad29b2a4d01592a1b46c5b56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ec57fa48bf3b945846762c3680e5a3e

    SHA1

    2591e502d060561be0f298b493c824aa91ec098f

    SHA256

    d6a9429ef92d7cf5343296b1229a294021ef21ba1affbd34da2acdfa9d4315d7

    SHA512

    35dff799a2572580c9a57a5dafc62271133d068f7645a79234f974bcdeed955249ff75815497ee55fcf2470d45f11357a0db8d89a1b2120e124e3b3951c368e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    faaab872b2050cb58f5e5c8ee429c79f

    SHA1

    c6a76cdd0536bbde425a1f46177713e540d764ed

    SHA256

    e761b0e0bb50e33482654f0bafe51e65cf1a598da4c9989c3e0171fdc70d4427

    SHA512

    3bcbb4161a0d264b7387727f16fc6c9a651fadd3ec3ff7c945e344202573f6e0cda1ec61a52dbee225650b9c58990aa5b73ba32ff29d99e69a2bf4f7dc4b4289

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ac880015d34c4263ed8904f791b7a23

    SHA1

    40a2d64a3c1b7aa1a5aa6cf2f8c209753dac500e

    SHA256

    fc0449d645b7b913ab9965e0006daaa4385e6b48897430211a5cb3aad5abf59c

    SHA512

    854052746cda22d2a3d6e2cf802e8e7c6f225070e5fe2e84adab07e3ad7217ece5363268408f6eb2500f78fb34ae70697a798cb1ba332ab951749d8986307e0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e2ca89f624a88bc3c2272ac970def59

    SHA1

    d566262bf27e283be847c187f59a8274fde59ac7

    SHA256

    88d1813dae7cb1e3e4d43018ca7085d357efa5023c209390b1464a47ccc48923

    SHA512

    91319fc30ab042e72299623eaf0cde63d073051b900ef9af29d060c54f0f925dcdc1d2b7de31c1350bab95c1fde61fed7b3804b910638a2b1426c10734998f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    747c6df52224979920c524ddc9aea89c

    SHA1

    048da471d5fb93b769ac4fc497b7bd5732e6e3ee

    SHA256

    9cc5556148d60f272b0ddbabf9d6e062fd69f36e326ba6cac50d8d2747c551ac

    SHA512

    4500a2a6a105a4676471e33e4e7e86ceb34900451db37a80f834034d9f11c491534177ccb7717817ffaca82b37a2045e082015b6e71ba538d1a51d09ec267fb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bf92612c39e42913d451e8526c3cc25

    SHA1

    043f82680ceddd31de7d3458259dd2e2543f35ed

    SHA256

    83a28238abf8d8a6cd224d290660b76814c232c7e2343ad213a3c956a2a3f75e

    SHA512

    c5d06130b6c32a2b80903ee285cccd746daa93aeddfc34934b1077fbbab4037f0368b63d104f6d9e51f1761c7560d9d236b7bc5888e9d405acb2efafe50fbd51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b83bbca9d1f653a3d5b03cd935ee35d

    SHA1

    bd529eab0615aeeeb149a64aee067abbdd9126da

    SHA256

    2d6d4bbf8cd85f095addd66aaa3e993c875ad7fcd7a63c52f3d9419e793d6a45

    SHA512

    6db364cdbc3cb14f38cb89ccc8ec167dd3b678ed0d2d4572d498d5090f76733227d623cf2c64db82aae6f83947a8d4f9fe41b55751eea716ca0a97c30cfc2dd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20b0e82fe502df4408edb2fd9d4d436a

    SHA1

    5b88018419a50aaff8730310a9f72c0412874ec7

    SHA256

    afc18b15847dabfff3a02b453b98d9050f325e09244bd5b7bd1834aa847bb98a

    SHA512

    9601921bff349d33923e20fbe2b0c1395a0640cd1eb4ed2ee557f0705ae2efb57b4926983c78b48d9ec8c9df6d0f9fc5f4d6fd9b037bb84359aec9f105dcc1df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bece10eebc1fad7ffa9e240f8d7a4bed

    SHA1

    f3d4dbc487430a85f7f93511ba79a5b004809c92

    SHA256

    3cc6f5de33949cba11cb9b637ebe50fdd69f3578bc57d5e3dae9f83518c9f893

    SHA512

    226a7b5e2373691aa3da7dfb9b919a22b60b68be59728e44cafaed8ff69792fb3d5269abbe3135b43e15338d2a3da19713edae8ee23170034d823fa246ddba19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c737b7ebfd38f6753ecd08b47ff7382c

    SHA1

    65b4fa6202fe5188639b23b2bc1bd194b96ec24a

    SHA256

    68b94eea273c61c96625511ebbb443b7b46707a4de843d835dfe20025ff6b7d6

    SHA512

    073567d7c1b854c3da1d46009a7a203b12942ea54a13e0979a64e038b80facfdf44b7407f4689b0ee10bbafde4e1b11723faa4e85d68c7b0afef5b84ce7e7859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22d7b01fa24ad85b6590e33af9d728f8

    SHA1

    ecaa8d0168a040848e89b024b66e7b6b29ce3ce7

    SHA256

    4fb26d994b8421cb00a17cd3986697b04942e9b7c79f5929e85338ebd10b39d7

    SHA512

    7593869c90fa42ed573982850f0c23de9aba2bc7b7abc6aa63f4fc464c808f748f850848e8df7babb99d74b08a795a4c0850e143f49bda0ef3513a4c8fe74d47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f7f10e836ed90f8394e30de4f1206c4

    SHA1

    6096b3154b4e729bdb742d604c886589a0a3a2aa

    SHA256

    a386f2a703b3d12df78dcd62e9276224141c8bbca9e8a3f882b9c4ec274dec27

    SHA512

    aee6c7841222e093fa00aa5e16046968d45128ff9960c7c1f52441c68c3574087f28b15533557cc0fc7048e9b46776920eb84f29d07604cd301902172579b5bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2de4ff4a40a1526fbb0a5cdc3f115721

    SHA1

    4470643cd40238721ccf7fbf001ae4d4a4a45d31

    SHA256

    00266762b3851e7f0c64dfdcff7cace9ef073b98c59963e7a873173e19ac2527

    SHA512

    cb0282ac0209eb5666674ba5466f85ae470a9fc90549c50784a8f6c3cd96cd978ed19081979c503c28851f184f5f2f60b5e523a26a6b2584eba5db038c155c8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4F98.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4FBB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit