Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

Incognito (2).zip

windows7-x64

1

Incognito (2).zip

windows10-2004-x64

1

Launcher.bat

windows7-x64

6

Launcher.bat

windows10-2004-x64

6

compiler.exe

windows7-x64

1

compiler.exe

windows10-2004-x64

3

config

windows7-x64

1

config

windows10-2004-x64

1

lua51.dll

windows7-x64

3

lua51.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Incognito (2).zip

  • Size

    437KB

  • Sample

    240811-rzcv5sxhra

  • MD5

    7131c780c0a51ad4382280f6fc4ee893

  • SHA1

    b85fb6fa879d4c600a622010ed239ec3f233c700

  • SHA256

    5fc2de76755ab476a4cd3880600a556f0f1e2f6117bcf9ae39b136992c55236b

  • SHA512

    62718f7008ad0a1d8197fc6115220407fba4198dd38cd819b19f935e0fbaa9191b9a61e4e8749362fcc541d4d99275e2783855349fc4f07d1e84d7d7f700c757

  • SSDEEP

    12288:mZnhJlsDQIOLYBaEALJg18Q+9MBscqs620:mZh8DjOLY8S18Q+9MR65

Score
6/10
discovery

Malware Config

Targets

    • Target

      Incognito (2).zip

    • Size

      437KB

    • MD5

      7131c780c0a51ad4382280f6fc4ee893

    • SHA1

      b85fb6fa879d4c600a622010ed239ec3f233c700

    • SHA256

      5fc2de76755ab476a4cd3880600a556f0f1e2f6117bcf9ae39b136992c55236b

    • SHA512

      62718f7008ad0a1d8197fc6115220407fba4198dd38cd819b19f935e0fbaa9191b9a61e4e8749362fcc541d4d99275e2783855349fc4f07d1e84d7d7f700c757

    • SSDEEP

      12288:mZnhJlsDQIOLYBaEALJg18Q+9MBscqs620:mZh8DjOLY8S18Q+9MR65

    Score
    1/10
    behavioral1behavioral2

    • Target

      Launcher.bat

    • Size

      29B

    • MD5

      010844aba640fe1c7a29c746b3e5536d

    • SHA1

      0f86396e82884fb66c5146c60ec0e60c8de7f9a4

    • SHA256

      6e5623938b8f3503c10012c60897812f45a85c52a44e7806ee9fb64f4caf2df7

    • SHA512

      1935a11c9bb6c4c52649eb89f26efa29aad8f867c7d2f64bf311e05dea0b89c7db514a9250941c57bddd9bb3becdc00b74e6bef559ed10f874d88454819038c1

    Score
    6/10
    discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral3behavioral4

    • Target

      compiler.exe

    • Size

      203KB

    • MD5

      b10229280d0bec893adc56d42ec7a587

    • SHA1

      fdc0eb4e777261884bce71f7f355a53a9668b93e

    • SHA256

      ec84510bdc365943310a319fa1569302c96a634bc27ef785c5eb2e6b0a7d480c

    • SHA512

      d523b084beec75b84569db6f97c872b64f64a631323cc0be183a9c5424b96ef0fcc43f360d36c575fff992bc0e6a54b4ca32fa4b41ad042e7a10e111274b3d70

    • SSDEEP

      3072:ynvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+X:yva5TMRXs0IKiBDbZt4Ggn77+ez3x8

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      config

    • Size

      298KB

    • MD5

      4ad602c68eb3aa4c84c73834e653605f

    • SHA1

      3afe93611642a34da843e91db323fbec18ac7887

    • SHA256

      aa2ac19e959beca447e34da002cc63149c208d8427bb8631344ea069f4bbccba

    • SHA512

      9cbb57a762f924768a1ff05cec2f0a05e4c4b6d145a51bec8246bae4f9de382f95809cc71bb6a0592ee97172cf020bdecf00d6997ff4f0242a8ad6458ae7f2d5

    • SSDEEP

      3072:CpLKAVn5IsbBoSACROtFD/2GWJmv+yO9CE/eLxb0plHg2Qe7IXh2h:C8AHBoLCUjJWMO0E/et0pF5IXu

    Score
    1/10
    behavioral7behavioral8

    • Target

      lua51.dll

    • Size

      389KB

    • MD5

      9138c78954eb8bc4aa8543637bae1a76

    • SHA1

      fb91599f5124602c600ae841c44c57ac4c6bd41a

    • SHA256

      b1763c7e351511ef1d643783150a0274c0e7485bc1f2700828909748f8e45ea1

    • SHA512

      5782532e76dc537bf4288e398a97e116990479b7af28a11a98cacb007b8f16fa5bb33a1cfe1e89946ff5bf656621a93ae1483cd595f0f65d151cb5f13dc6a20d

    • SSDEEP

      12288:4iZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABM:4e19pm7pCuCt6+w

    Score
    3/10
    discovery
    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks