General

  • Target

    Release.1.zip

  • Size

    151.0MB

  • Sample

    240811-z61jsashnh

  • MD5

    d2110db73f1f7ef46f52ac242ffa3a53

  • SHA1

    ce32ca3799d9bf7fb1d9c89a7d6a37aa2aebc74c

  • SHA256

    50075722aa0970650d88d6c29e8c3f45e684c99be8d4865e8c4daf5ef937bd72

  • SHA512

    88fe08c1d660562e978d43d35ddb56b9d8fcd981fd50681908c4645dfae6019d4813328e1a5e4a7687810a48e843bb9091ef3074aef494ce5f904864a06f6919

  • SSDEEP

    3145728:pf8OFA+D60opS+Z62yoiphIOMh+GvVXyX/CLeDM/4Xo9LcY2TYM9:mOFA+D6bSy6MAlstXDyoQ3nYM9

Score
7/10

Targets

    • Target

      CefSharp.BrowserSubprocess.Core.dll

    • Size

      1.1MB

    • MD5

      5b745ee879e65f7a47c56265881f16e7

    • SHA1

      e6a90771b8f1bf53beeb7c9e4268756ff07a088d

    • SHA256

      c8944a83938c39fbea72700485db8a61ab82e1c51d8e16d5dd48de4e36a6f264

    • SHA512

      3b4bef98a1f751c3a747de0eb050828bf8474efa68aa7a26d0369f1c3b42829eaab221cb612c005a54ed5b84f19180700e51aab39adb84fe7246d9e91e6899c8

    • SSDEEP

      24576:0u7vjXauHhY9GlRDLFZbJ/ogbZcECacHIDCRCSpb+ms0veXCJ2ZiVxhEDssQjPcd:0u7l41pKms0veXCJ2ZiVxhEDssQjPc8F

    Score
    1/10

    • Target

      CefSharp.BrowserSubprocess.exe

    • Size

      6KB

    • MD5

      bcd22b9511d5383e23d875e2cf3c339e

    • SHA1

      0ef86afaef536cc4b046ea2866414bb193d60702

    • SHA256

      95dd31f11ac1317559b6eee0479739930d503a4938283f5d831ac8add92ad792

    • SHA512

      c4e6821858720895c0bfae797097e3307bb7ea8f03dde4fefc16cce03b2a50fecfe8ed5c3225136fcd9d74ee0ed8673f795b410cd14890d22df58c1f03b693c6

    • SSDEEP

      96:v6ZxBI7kNmQBDvJGSkX6eFZJetmAhNt61OYcXe5U:UBIimQB9eX6eFZgsAYcXeS

    Score
    1/10

    • Target

      CefSharp.Core.Runtime.dll

    • Size

      1.7MB

    • MD5

      21719cf581f5cc98b21c748498f1cbfe

    • SHA1

      aaada7a02fadcbd25b836c924e936ce7d7ee0c2a

    • SHA256

      6fd2685e02ef7c92ba5080faadb44f22fee528713f5101e2841c1230cba691e6

    • SHA512

      6394ddabc7ad03895ecddb9943371935e0a2320e933b380a563eaf03d1a039c7180aee763834170c85485416b1af38b55c1dafff7311b25513369b01dce22598

    • SSDEEP

      49152:CcWYPM4G6kaHqcHCgrZi5C9xh0UsWLgiHesm2qCUD/yNWYxtYtUkjCKf462gQkAD:TP

    Score
    1/10

    • Target

      CefSharp.Core.dll

    • Size

      897KB

    • MD5

      16f8a4945f5bdd5c1c6c73541e1ebec3

    • SHA1

      4342762c43f54c4caafaae40f933599a9bb93cb5

    • SHA256

      636f8f865f23f2d47b73f3c16622e10b46437bbf7c89b0a2f70bae6129ab046a

    • SHA512

      04115c425c3015ee4355cde2a6e5e28ec24745ea77761a40c0986b54dc14bc67cb142986988d79df87e75ea54d21ded9384842e01cf0714b84f7378e6a13400d

    • SSDEEP

      6144:cJXlLt6r1zItQCtpf/Xg8HnJQvq6qea0zWEmjBZre7W0vnlYviqJ9/z8+irWGvgc:c5lLtg8/XIPrsNZ0Kiq8uhtt

    Score
    1/10

    • Target

      CefSharp.Wpf.dll

    • Size

      114KB

    • MD5

      36946182df277e84a313c3811adac855

    • SHA1

      bcd21305861e22878271e37604b7b033ec347eb3

    • SHA256

      8507a4662220eca49d7d511183be801cd394f13dc0e9898c55361020fe9a4720

    • SHA512

      80b1e947b1940dccfe5be8a1ba1e8c1d9eacb122d73724a21233164f5b318fa57c249256f621f0f9c1e6a9e4c902eec58827bb899e20f2990f4ade1d685f1abd

    • SSDEEP

      3072:tvd969S0dZqKLfGlAW9mLGKOiGfiVmVgGs0COe5w5tnR:tvb69SSZqKLfGlAW9iGliAVgGp3t

    Score
    1/10

    • Target

      CefSharp.dll

    • Size

      272KB

    • MD5

      715c534060757613f0286e1012e0c34a

    • SHA1

      8bf44c4d87b24589c6f08846173015407170b75d

    • SHA256

      f7ad2bbbeb43f166bbbf986bdb2b08c462603c240c605f1c6a7749c643dff3fe

    • SHA512

      fcaec0c107a8703a8263ce5ccc64c2f5bfc01628756b2319fde21b0842652fbeee04c9f8f6d93f7200412d9bd9fad01494bc902501fb92e7d6b319f8d9db78d7

    • SSDEEP

      3072:y79yn4VZ3fE1clgTTNmMnRGhH7gxNT5AL6GmAj9VB08OKNlUtrz+pyUU2Hu61:m3OKraRAEx7AL1mAjDB08jNlY+pmj6

    Score
    1/10

    • Target

      Celery.exe

    • Size

      17.3MB

    • MD5

      433bb23192adb1d78a2fd99ca652eab4

    • SHA1

      40087ada7a5020046c30d8ffb9fd70949450151e

    • SHA256

      06a7351cbbb9e794e8ee5793114cb74cda3b55f23eb634ea3b994adf851ddd3a

    • SHA512

      d74a2156ea003640774a1139aa4c1b5b76f0f97ebbeec1dd3cebbf902eb667d369f7ea8e1d3c6aff140da6f75e5c64cee23cd1e2cb988873db95723ea9cca93e

    • SSDEEP

      393216:xUa57DdNAuyvw4wK/gsrlVwgqI59D8exrbwANXg5yH4LVvIz:p1d2toVKrR5qI59woPXlOLmz

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Network Service Discovery

      Attempts to gather information on the host's network.

    • Drops file in System32 directory

    • Target

      Microsoft.Bcl.AsyncInterfaces.dll

    • Size

      26KB

    • MD5

      ff34978b62d5e0be84a895d9c30f99ae

    • SHA1

      74dc07a8cccee0ca3bf5cf64320230ca1a37ad85

    • SHA256

      80678203bd0203a6594f4e330b22543c0de5059382bb1c9334b7868b8f31b1bc

    • SHA512

      7f207f2e3f9f371b465bca5402db0e5cec3cb842a1f943d3e3dcedc8e5d134f58c7c4df99303c24501c103494b4f16160f86db80893779ce41b287a23574ee28

    • SSDEEP

      384:cOJWqnwCBbNAP0VES2j0cX6dAl+NWpVzrdcoquWeP/WxR5kHRN7dDFcYR9zPrf8O:culwCBhdVv2wK5fdcUtFFn9zT8pY

    Score
    1/10

    • Target

      Microsoft.Expression.Interactions.dll

    • Size

      89KB

    • MD5

      6a3b9e46c41e42e7b8e1479468d892af

    • SHA1

      e31c05ae685e51d07808b1dd24ceced9d299ed81

    • SHA256

      f3b14defbd05493b8573016b08b86e5b5d53b486b0457fd75f67bf8bff04be38

    • SHA512

      d6416204875ce732edac51e36f267c9cca52f60ba79cd981b388988e435bd1cce87f972a9e90be4fd9a7fd25cb316293f938f45fb645f25a4f62b980a37236b7

    • SSDEEP

      1536:Srf5GttgxHXEuRmG5rtkGY4CEmWAxXSSYhhS98ca2Wvsd65FJDlGWwkEy:a5GttWHXEUx5r65LxXshk8JDIWP

    Score
    1/10

    • Target

      Microsoft.Extensions.DependencyInjection.Abstractions.dll

    • Size

      62KB

    • MD5

      00053ff3b5744853b9ebf90af4fdd816

    • SHA1

      13c0a343f38b1bb21a3d90146ed92736a8166fe6

    • SHA256

      c5a119ec89471194b505140fba13001fa05f81c4b4725b80bb63ccb4e1408c1e

    • SHA512

      c99fcda5165f8dc7984fb97ce45d00f8b00ca9813b8c591ad86691bd65104bbb86c36b49bb6c638f3b1e9b2642ec9ac830003e894df338acfca2d11296ff9da4

    • SSDEEP

      768:4r85ZhSBuU1OURH7MV5594phn9Uad5J6Sx+I9W6wjMwRLSEnlHctC63/iOn9zT8c:cH7Mz8DiIW6Pw9SEnl8txviO9zTH

    Score
    1/10

    • Target

      Microsoft.Extensions.DependencyInjection.dll

    • Size

      94KB

    • MD5

      3452007cab829c2ba196f72b261f7dec

    • SHA1

      c5e7cfd490839f2b34252bd26020d7f8961b221b

    • SHA256

      18b39777ee45220217459641991ab700bc9253acaf0940cf6e017e9392b43698

    • SHA512

      a8b83a8582dfee144925a821d09c40f5730f6337b29446c3bce8b225659bdc57a48778081fa866c092d59b4108c1d992e33f9543ae2b4c7554b8ff27b5332cdf

    • SSDEEP

      1536:g/F7GzTFh4u/Nf172OPHxZXD2wdOwaOwGuldE4lCyBBiM+z9f:oF7i4u/FYg3XrMnOwGuld5dBMZf

    Score
    1/10

    • Target

      Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    Score
    1/10

    • Target

      System.Runtime.CompilerServices.Unsafe.dll

    • Size

      16KB

    • MD5

      da04a75ddc22118ed24e0b53e474805a

    • SHA1

      2d68c648a6a6371b6046e6c3af09128230e0ad32

    • SHA256

      66409f670315afe8610f17a4d3a1ee52d72b6a46c544cec97544e8385f90ad74

    • SHA512

      26af01ca25e921465f477a0e1499edc9e0ac26c23908e5e9b97d3afd60f3308bfbf2c8ca89ea21878454cd88a1cddd2f2f0172a6e1e87ef33c56cd7a8d16e9c8

    • SSDEEP

      192:LGLxTyHvc4ROgcxAdWXYWJeaPtWsI9A9GaHnhWgN7aJeWw0fnCsqnajt:LgGLROZAdWXYW8aPcyHRN7WEqn1lx

    Score
    1/10

    • Target

      System.Threading.Tasks.Extensions.dll

    • Size

      25KB

    • MD5

      e1e9d7d46e5cd9525c5927dc98d9ecc7

    • SHA1

      2242627282f9e07e37b274ea36fac2d3cd9c9110

    • SHA256

      4f81ffd0dc7204db75afc35ea4291769b07c440592f28894260eea76626a23c6

    • SHA512

      da7ab8c0100e7d074f0e680b28d241940733860dfbdc5b8c78428b76e807f27e44d1c5ec95ee80c0b5098e8c5d5da4d48bce86800164f9734a05035220c3ff11

    • SSDEEP

      384:1R973o62/KqcAnb05J3w0I5eUGef8s72XBWdvVW2JW8aJcyHRN7WEimpplex:1RZ4nNxnYTb6Blha

    Score
    1/10

    • Target

      System.Windows.Interactivity.dll

    • Size

      39KB

    • MD5

      3ab57a33a6e3a1476695d5a6e856c06a

    • SHA1

      dabb4ecffd0c422a8eebff5d4ec8116a6e90d7e7

    • SHA256

      4aace8c8a330ae8429cd8cc1b6804076d3a9ffd633470f91fd36bdd25bb57876

    • SHA512

      58dbfcf9199d72d370e2d98b8ef2713d74207a597c9494b0ecf5e4c7bf7cf60c5e85f4a92b2a1896dff63d9d5107f0d81d7dddbc7203e9e559ab7219eca0df92

    • SSDEEP

      768:6MazwAgR8/XJ665bKZdxuB8DCuL5enM7JxKjuMlZCZN+R0E7E:63wBccZdxuB8mQen6JxKjrlMZgR0Eo

    Score
    1/10

    • Target

      chrome_elf.dll

    • Size

      1.3MB

    • MD5

      5b3802f150c42ad6d24674ae78f9d3e8

    • SHA1

      428139f0a862128e55e5231798f7c8e2df34a92a

    • SHA256

      9f455612e32e5da431c7636773e34bd08dae79403cc8cf5b782b0ea4f1955799

    • SHA512

      07afbd49e17d67957c65929ca7bdfe03b33b299c66c48aa738262da480ed945712d891be83d35bd42833d5465ef60e09c7a5956df0a369ec92d3bc2d25a09007

    • SSDEEP

      24576:LcTZORTcbxjPziCdLI3ovs8t8+oaOzjY:LcTZYTOxjPzJdEoNa+2fY

    Score
    1/10

    • Target

      d3dcompiler_47.dll

    • Size

      4.7MB

    • MD5

      2191e768cc2e19009dad20dc999135a3

    • SHA1

      f49a46ba0e954e657aaed1c9019a53d194272b6a

    • SHA256

      7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d

    • SHA512

      5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

    • SSDEEP

      49152:KCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNc:xG2QCwmHPnog/pzHAo/A6l

    Score
    1/10

    • Target

      dxcompiler.dll

    • Size

      20.8MB

    • MD5

      141f621285ed586f9423844a83e8a03f

    • SHA1

      9c58feee992c3d42383bde55f0ff7688bc3bd579

    • SHA256

      5592056f52768ba41aad10785d21c1b18baf850a7e6a9e35526f43a55e6ada6d

    • SHA512

      951a55bbe86a7ebecfc946bf1c9a8c629f0e09510089a79a352cd6d89b7c42e0e23fd4f26232b0e73bd6d4ec158b86728cda2ab25745abcabfafadd964b55896

    • SSDEEP

      393216:5NfWHkWI4F8p4q8ZyfV+mq7q5oIB1p4bWpso:cTW4bWpso

    Score
    1/10

    • Target

      dxil.dll

    • Size

      1.4MB

    • MD5

      cb72bef6ce55aa7c9e3a09bd105dca33

    • SHA1

      d48336e1c8215ccf71a758f2ff7e5913342ea229

    • SHA256

      47ffdbd85438891b7963408ea26151ba26ae1b303bbdab3a55f0f11056085893

    • SHA512

      c89eebcf43196f8660eee19ca41cc60c2a00d93f4b3bf118fe7a0deccb3f831cac0db04b2f0c5590fa8d388eb1877a3706ba0d58c7a4e38507c6e64cfd6a50a0

    • SSDEEP

      24576:LCfhbh3v3mtZDiAQeWj26k41ob2nrZ1rqpegQDJqoZtp22GkmgA9u808jQPEdkr1:LCfhbh3v3mtEAQrW41obCraeRhy9ou6r

    Score
    1/10

    • Target

      libEGL.dll

    • Size

      459KB

    • MD5

      ce2c45983f63a6cf0cddce68778124e9

    • SHA1

      6553dc5b4bc68dcb1e9628a718be9c5b481a6677

    • SHA256

      9ca8840bbb5f587848e66d08d36cb5eb30c1c448ef49ce504961ff4ac810c605

    • SHA512

      df81a3356168e78d9810f5e87ca86eb4f56e5f0cb6afdb13408b50778a2d8b18c70b02c6348cd7ba59609ab2956d28eed324706eb65d04bce1159a2d8f1e0e8f

    • SSDEEP

      3072:OJr6bcnn5+k93dw1IkCUEWZpWr1H7gd51Dzwr7fkN7yt6S0/t6BDE96FX9Dk2K0I:IcpoGEfmMJHKDzm7fku10/tTYd6jb1D

    Score
    1/10

    • Target

      libGLESv2.dll

    • Size

      7.3MB

    • MD5

      c9b090ed25f61aa311a6d03fd8839433

    • SHA1

      f1567aa2fb1fcad3cde1e181a62f5e2bccadaf68

    • SHA256

      c7a7a59cf3c26d6c8b2505996065d49f339764f5718e6f53a9ecec8686c489db

    • SHA512

      21cd4618b6ad011afa78abe8fbc42ecafbb992322912c4a77e5f193a04aeb97a5655dedfc513e1a7667db55b92a322e3d9a6dfe7e845af25f37a6666a1798470

    • SSDEEP

      98304:UqV269WX/0dlldzRv/DaVhHTEeXm3w584:UqVtpdlTkVVrCw584

    Score
    1/10

    • Target

      libcef.dll

    • Size

      204.4MB

    • MD5

      3f1e12a06149b68ec7ea58486413aac5

    • SHA1

      b5ee4bfb76e53cb50cf0ca9da43659cc67454b12

    • SHA256

      e2f3d912e2fa54b2d29330202bfb98394a3086aaff800417e382f772a6b07922

    • SHA512

      23d45229285bbbdf538fa03e050bd2b6815e446c602c86603b13b0dbb6811d5fe40711f46fd34bca9efbb17af3ab38d466161903b65798400d3ffc24b8945062

    • SSDEEP

      1572864:h90gHOgkN8SpQTT/PG4iRa592G7eZy1aQ3+PcToCptZjUicMTyDBlT5vOIZaJ/Cd:XgNEJ5Ajoq

    Score
    1/10

    • Target

      locales/en-US.pak

    • Size

      455KB

    • MD5

      a8d060aa17ed42b6b2c4a9fcbab8a7e1

    • SHA1

      16e4e544eca024f8b5a70b4f3ca339a7a0a51ebf

    • SHA256

      55e4ae861aa1cacb09db070a4be0e9dd9a24d2d45e4168824364307120a906b2

    • SHA512

      8f3820e3c5aca560344a253d068936bdb797d07eb22711020d287a949c97d7a98879ff9ff5a4fb2f3fe804bf502300b6f4c92918d973bef351d587483bc43723

    • SSDEEP

      6144:K4xBLGwjACVzeooSr837tMP9eJqDLfaY0baAP52vSZng5H/9xZwp:Kq0CVz1HctMqqD+d56S2Zwp

    Score
    3/10

    • Target

      vk_swiftshader.dll

    • Size

      4.9MB

    • MD5

      3262e23f3fef8b021b93c801f5649c92

    • SHA1

      de49b94cfc981a0af5a4e134854f69620e7ba566

    • SHA256

      1c9098e8a6f21462864a91e74555f299ebc41d3bc79d6ee1b9c577c929957285

    • SHA512

      54b0b26b95f6fc799b3e24863a65ef3896786811be3cc9fffa2a06e95e98daf32b16f0ede6b8a87acc319ea17650cdd089c56798236476b894054195738e1797

    • SSDEEP

      49152:gF448X7wFiEjApLVO1m6ok46FFQNeoX/lbR7lZI5cWp3PDr70yDIubUQ6ot70FXf:l/X7i+xLLIJmZdT

    Score
    1/10

    • Target

      vulkan-1.dll

    • Size

      924KB

    • MD5

      38d2b059a99f2c4b6f863c18c6f1d25a

    • SHA1

      8b027a7704b795df1f74b994b0dc55ca4e53c479

    • SHA256

      a72bd8d3d24ff0e2c56a2b64c05b324f0b7f56ab486f507a256a9c3fef7bc902

    • SHA512

      4689aae5bf7f81a7d216a570e36322ab61ffb33428316f301be20f1f65111b6eb696b75325b008dff6f963a135148ccc1c600ed1bf71fcc813765918daa14102

    • SSDEEP

      24576:YXd+yURo9zpJSRoOl6Z5W1DYsHq6g3P0zAk7C3:wdwGdrStl6Z5W1DYsHq6g3P0zAk7C

    Score
    1/10
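To turn a listing like the one above into something a responder can act on, here is an added Python example (not tria.ge's code or output): it parses the report layout shown on this page into records, builds a SHA256 IOC set from the entries, and checks every member of a ZIP against that set. The excerpt it parses is constructed from two of the entries above; the archive it checks is constructed in memory, so the real Release.1.zip is not needed. The "Celery.exe" inside that archive is a placeholder whose digest does not match the reported one, which is the point of the demo: a file name is not an indicator, the digest is.

```python
"""Parse a tria.ge-style target listing into records, derive an IOC set, check a ZIP against it."""
import hashlib
import io
import zipfile
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed excerpt: two entries copied from the listing above, in the same layout.
REPORT_EXCERPT = """\
    • Target

      Celery.exe

    • SHA256

      06a7351cbbb9e794e8ee5793114cb74cda3b55f23eb634ea3b994adf851ddd3a

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Target

      Newtonsoft.Json.dll

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    Score
    1/10
"""

HASH_FIELDS = {"Size", "MD5", "SHA1", "SHA256", "SHA512", "SSDEEP"}


@dataclass
class Target:
    name: str = ""
    fields: Dict[str, str] = field(default_factory=dict)   # Size, MD5, SHA1, ...
    score: Optional[int] = None
    signatures: List[str] = field(default_factory=list)


def parse_report(text: str) -> List[Target]:
    """Line-oriented state machine: a '• Label' line names what the next non-empty line is."""
    targets: List[Target] = []
    cur: Optional[Target] = None
    pending: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            label = line[1:].strip()
            if label == "Target":
                cur = Target()
                targets.append(cur)
                pending = "Target"
            elif label in HASH_FIELDS:
                pending = label
            else:
                # Bullets after the score line are behaviour signatures; anything else is ignored.
                if cur is not None and cur.score is not None:
                    cur.signatures.append(label)
                pending = None
            continue
        if line == "Score":
            pending = "Score"
            continue
        if cur is None:
            continue
        if pending == "Target":
            cur.name = line
        elif pending == "Score":
            cur.score = int(line.split("/")[0])
        elif pending in HASH_FIELDS:
            cur.fields[pending] = line if pending == "Size" else line.lower()
        # Any other line is a signature description; the label was already recorded.
        pending = None
    return targets


def ioc_hashes(targets: List[Target], algo: str = "SHA256", min_score: int = 1) -> Dict[str, str]:
    """Map digest -> target name for every target at or above min_score that carries that digest."""
    return {t.fields[algo]: t.name for t in targets
            if algo in t.fields and (t.score or 0) >= min_score}


def hash_archive_members(zip_bytes: bytes) -> Dict[str, str]:
    """SHA256 of every file member, streamed so a 200 MB member like libcef.dll is not held in memory."""
    digests: Dict[str, str] = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            h = hashlib.sha256()
            with zf.open(info) as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[info.filename] = h.hexdigest()
    return digests


def match_archive(zip_bytes: bytes, iocs: Dict[str, str]) -> Dict[str, str]:
    """member path -> reported target name, for members whose digest is in the IOC set."""
    return {path: iocs[d] for path, d in hash_archive_members(zip_bytes).items() if d in iocs}


def build_demo_zip() -> bytes:
    """Constructed archive: a decoy named Celery.exe (not the reported binary) and a text note."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Celery.exe", b"MZ constructed placeholder, not the reported file")
        zf.writestr("notes.txt", b"constructed note\n")
    return buf.getvalue()


def demo():
    targets = parse_report(REPORT_EXCERPT)
    iocs = ioc_hashes(targets)
    zip_bytes = build_demo_zip()
    by_digest = match_archive(zip_bytes, iocs)          # {}: same name as the report, different bytes
    # Add the note's digest as a constructed known-bad hash to show what a positive hit looks like.
    iocs_plus = dict(iocs)
    iocs_plus[hashlib.sha256(b"constructed note\n").hexdigest()] = "notes.txt (constructed IOC)"
    return by_digest, match_archive(zip_bytes, iocs_plus)


if __name__ == "__main__":
    for t in parse_report(REPORT_EXCERPT):
        print(f"{t.name:24} score={t.score} sha256={t.fields.get('SHA256')} sigs={t.signatures}")
    print(demo())
```

Feed `parse_report` the full listing and `ioc_hashes(targets, min_score=5)` keeps only the 7/10 entry, which is the one worth blocking; the 1/10 entries are stock CefSharp, Chromium and .NET libraries whose hashes will also appear in benign software, so matching on them alone produces false positives.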

MITRE ATT&CK Enterprise v15