Overview
Task (platform): score
overview: 6
static: 3
Incognito (2).zip (windows7-x64): 1
Incognito (2).zip (windows10-2004-x64): 1
Launcher.bat (windows7-x64): 6
Launcher.bat (windows10-2004-x64): 6
compiler.exe (windows7-x64): 1
compiler.exe (windows10-2004-x64): 3
config (windows7-x64): 1
config (windows10-2004-x64): 1
lua51.dll (windows7-x64): 3
lua51.dll (windows10-2004-x64): 3

General
Target: Incognito (2).zip
Size: 437KB
Sample: 240811-rzcv5sxhra
MD5: 7131c780c0a51ad4382280f6fc4ee893
SHA1: b85fb6fa879d4c600a622010ed239ec3f233c700
SHA256: 5fc2de76755ab476a4cd3880600a556f0f1e2f6117bcf9ae39b136992c55236b
SHA512: 62718f7008ad0a1d8197fc6115220407fba4198dd38cd819b19f935e0fbaa9191b9a61e4e8749362fcc541d4d99275e2783855349fc4f07d1e84d7d7f700c757
SSDEEP: 12288:mZnhJlsDQIOLYBaEALJg18Q+9MBscqs620:mZh8DjOLY8S18Q+9MR65

Static task: static1
Behavioral task: behavioral1, Sample: Incognito (2).zip, Resource: win7-20240729-en
Behavioral task: behavioral2, Sample: Incognito (2).zip, Resource: win10v2004-20240802-en
Behavioral task: behavioral3, Sample: Launcher.bat, Resource: win7-20240708-en
Behavioral task: behavioral4, Sample: Launcher.bat, Resource: win10v2004-20240802-en
Behavioral task: behavioral5, Sample: compiler.exe, Resource: win7-20240708-en
Behavioral task: behavioral6, Sample: compiler.exe, Resource: win10v2004-20240802-en
Behavioral task: behavioral7, Sample: config, Resource: win7-20240704-en
Behavioral task: behavioral8, Sample: config, Resource: win10v2004-20240802-en
Behavioral task: behavioral9, Sample: lua51.dll, Resource: win7-20240705-en
Behavioral task: behavioral10, Sample: lua51.dll, Resource: win10v2004-20240802-en

Malware Config
Targets
Target: Incognito (2).zip
Size: 437KB
Score: 1/10

Target: Launcher.bat
Size: 29B
MD5: 010844aba640fe1c7a29c746b3e5536d
SHA1: 0f86396e82884fb66c5146c60ec0e60c8de7f9a4
SHA256: 6e5623938b8f3503c10012c60897812f45a85c52a44e7806ee9fb64f4caf2df7
SHA512: 1935a11c9bb6c4c52649eb89f26efa29aad8f867c7d2f64bf311e05dea0b89c7db514a9250941c57bddd9bb3becdc00b74e6bef559ed10f874d88454819038c1
Score: 6/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Target: compiler.exe
Size: 203KB
MD5: b10229280d0bec893adc56d42ec7a587
SHA1: fdc0eb4e777261884bce71f7f355a53a9668b93e
SHA256: ec84510bdc365943310a319fa1569302c96a634bc27ef785c5eb2e6b0a7d480c
SHA512: d523b084beec75b84569db6f97c872b64f64a631323cc0be183a9c5424b96ef0fcc43f360d36c575fff992bc0e6a54b4ca32fa4b41ad042e7a10e111274b3d70
SSDEEP: 3072:ynvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+X:yva5TMRXs0IKiBDbZt4Ggn77+ez3x8
Score: 3/10

Target: config
Size: 298KB
MD5: 4ad602c68eb3aa4c84c73834e653605f
SHA1: 3afe93611642a34da843e91db323fbec18ac7887
SHA256: aa2ac19e959beca447e34da002cc63149c208d8427bb8631344ea069f4bbccba
SHA512: 9cbb57a762f924768a1ff05cec2f0a05e4c4b6d145a51bec8246bae4f9de382f95809cc71bb6a0592ee97172cf020bdecf00d6997ff4f0242a8ad6458ae7f2d5
SSDEEP: 3072:CpLKAVn5IsbBoSACROtFD/2GWJmv+yO9CE/eLxb0plHg2Qe7IXh2h:C8AHBoLCUjJWMO0E/et0pF5IXu
Score: 1/10

Target: lua51.dll
Size: 389KB
MD5: 9138c78954eb8bc4aa8543637bae1a76
SHA1: fb91599f5124602c600ae841c44c57ac4c6bd41a
SHA256: b1763c7e351511ef1d643783150a0274c0e7485bc1f2700828909748f8e45ea1
SHA512: 5782532e76dc537bf4288e398a97e116990479b7af28a11a98cacb007b8f16fa5bb33a1cfe1e89946ff5bf656621a93ae1483cd595f0f65d151cb5f13dc6a20d
SSDEEP: 12288:4iZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABM:4e19pm7pCuCt6+w
Score: 3/10