General

  • Target

    winxvideo-ai-gv.exe

  • Size

    146.5MB

  • Sample

    240814-aah77asapc

  • MD5

    b7cfb124699f5e04fb78c1dbe534fed3

  • SHA1

    2e332cf42988591630a5c333df77837ec835aa64

  • SHA256

    3da951c56a2b1a30bc04ab13d354d0790f97bfdb336e481e7f9af3d165ffdeb3

  • SHA512

    7def8fcdfe2ba0fcf247f95b66720f3d3795f3c7448d2f1f8940aa9a39c493b45cefd017e40ca44eafdbd106906568dd1215db7cce9d34917f6ff1472f0b7a29

  • SSDEEP

    3145728:vCV7iRpt7uXuWIjpjR6Q8tjtgH51CfTKfYxDOuXjjzyiOD:v5d4uWIjpz8t+Z4fTKfYxnjjmiOD

Score
7/10

Malware Config

Targets

    • Target

      winxvideo-ai-gv.exe

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      adb29e6b186daa765dc750128649b63d

    • SHA1

      160cbdc4cb0ac2c142d361df138c537aa7e708c9

    • SHA256

      2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    • SHA512

      b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    • SSDEEP

      192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs

    Score
    3/10
    • Target

      $PLUGINSDIR/license_videoproc.rtf

    • Size

      4KB

    • MD5

      fb2bb708ab8757206d2f987ead469820

    • SHA1

      4a158ccc1497299353734ad168904b55aaee5f81

    • SHA256

      6229fe87351598dbe7eec751749fcc7e82ba3c7d16a60a9a5e80b3aee010c6fd

    • SHA512

      4f8cf7a07a5b0b0184a4dbbfc1c5b9b3919e2e16a84311e8424433998fad8306c31da859eacc5e899b3e23135ce90591e08d59ab81c394a0a214d1e393a738d8

    • SSDEEP

      96:Xy8LQ9B8fgKnzUPzxQ4qzgma2WHe7E5Lw0D2:C8LQ92zU7y8mBWH2Edw0D2

    Score
    4/10
    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      6KB

    • MD5

      7059f133ea2316b9e7e39094a52a8c34

    • SHA1

      ee9f1487c8152d8c42fecf2efb8ed1db68395802

    • SHA256

      32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f

    • SHA512

      9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51

    • SSDEEP

      96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/nsArray.dll

    • Size

      12KB

    • MD5

      da4bc09439ed21faf7620a53433aac92

    • SHA1

      94e3347aebe16cb88b9f29f00134d9e0fb67e508

    • SHA256

      216d68d3f0b37bb2203b3a438a84a089e8c388608f46377ad7e7d6a2709cf9b0

    • SHA512

      920294456e8fee0c4137e4b4ba1389f09ade297d6ed49d78a9593d129dbb5eb048da2cbff7ac29687999991d5f38657cb31af73e2ccf6b8b9ce29480d4d81ec6

    • SSDEEP

      192:LULA8tZt1pehCUVFpZ/XXz5F8qioPYtS/Z8i4NVhWp1h2ph30R:gLAe1peEUD/X1F8qiAFLhOh

    Score
    3/10
    • Target

      $PLUGINSDIR/nsNiuniuSkin.dll

    • Size

      892KB

    • MD5

      77270fd8bbc780b411eb737641e1e6cd

    • SHA1

      3d0b9351785836e81fbd38f17d4d50e0224bce44

    • SHA256

      562a8cb521971572445f73d9344a1984345f44d631397d0c305cf4512d2c8db1

    • SHA512

      37cd6f15e819242fcf8a1ef8c4e4f0fb5b313aae572230b1d1c3506e4584dbe9e6dc860223d2ff104f96fdb34a082becb6df1e789e846343047dae69a1f98097

    • SSDEEP

      24576:T9IcjGQXmnvnDy2zwK5DezNs7cQh+5LJa:8QXml5izN+3kLw

    Score
    3/10
    • Target

      $PLUGINSDIR/nsis7zU.dll

    • Size

      313KB

    • MD5

      06a47571ac922f82c098622b2f5f6f63

    • SHA1

      8a581c33b7f2029c41edaad55d024fc0d2d7c427

    • SHA256

      e4ab3064f2e094910ae80104ef9d371ccb74ebbeeed592582cf099acd83f5fe9

    • SHA512

      04b3d18042f1faa536e1393179f412a5644d2cf691fbc14970f79df5c0594eeedb0826b495807a3243f27aaa0380423c1f975fe857f32e057309bb3f2a529a83

    • SSDEEP

      6144:rA9ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm0:r2S165UP4mL/FvBtC8zQdSDmm0

    Score
    3/10
    • Target

      AMDCheck.exe

    • Size

      206KB

    • MD5

      aff7bf445fd6ed06874ac35417ac7b8e

    • SHA1

      ba9f0c0bc38c6fed246337f0a81a0aec349a74df

    • SHA256

      6b412c5d8b57c6bfb5277bf4d061c5f6d61a71f3d4b1e6cfdbec7e149639113a

    • SHA512

      b112f8575967554fdb446806202a3df53b2b85ee849281c5262cc88dabcdee1286198a585cd91fc5005270517caf37d9a881d06bbaa352a7e93931ca57f0c126

    • SSDEEP

      3072:TJh6N+uHrCCs6MGjEtiq75K+4oD0DSGjM9NczoY466M4wqq/jA3fq8UN:TCzrC16MGjy7ozDSibohW4w5bA3fqR

    Score
    1/10
    • Target

      AtomicParsley.exe

    • Size

      852KB

    • MD5

      a93883bfbf3554bef37e77f2e59da0c2

    • SHA1

      d9c4d454caff82db55e5efcfe5b9dd63d92bb515

    • SHA256

      f51273f94cb3a73e9fb04f8b5f4003fd07100c70fb87a6227117fda7afa29caa

    • SHA512

      9f78a2133c3af6607906dd113342c94b9af1d01f3f6e2809ba51dcd56d7231edacec14a9de32bcd199a2b47232fd7edf3bf1c9d7ed44be7b4ec7c5039c367bc1

    • SSDEEP

      24576:DTszM5Zh+x5B9Tul94G69zmUM5qJRJDqCuVtsFf2a5A:DwzM5ZhQ1ul94G685UIa5A

    Score
    1/10
    • Target

      D3Dcompiler_47.dll

    • Size

      4.0MB

    • MD5

      e3a7c7880106304bed586728b9eddd67

    • SHA1

      83ec447319e00d5a719d9500d6790f86c40d75f6

    • SHA256

      51d217976012c5f6e9ae67633b109dd7075319d5455e65041eb67e41f245b509

    • SHA512

      103099f2cb16bb934fa04604f5a87fc863fc03e6c3ec44683151a0d3d5f5cff5255ef0f4ff346e6fdff5aab740e2364f9f2235dedbde05c5700b9f9f61495e09

    • SSDEEP

      49152:sBfmqCtLI4erBYysLjG/A8McPyCD6hw16JVTW7B3EgvVlQ3LAYmyNOvGJse+aWyH:MeZevVKACOvWYQZ

    Score
    1/10
    • Target

      DgAIModules.dll

    • Size

      34.7MB

    • MD5

      83a9fddcba5eb7ade96f32ca7d82f975

    • SHA1

      a60f95ac91bacd05842031b4b5c32fad12030b8d

    • SHA256

      4c8be80d62842de5a24545000c7a30d6bf474ba76fff407da1810892d958dc68

    • SHA512

      93496f8b5bf6f6e4d4adc6100e8119d1df5e002172a4e948b21100a16b840bd842cc055ea0861af8ab2110ec1fa53217df34905e32916b40b9ebe1a7bcfc47e2

    • SSDEEP

      393216:CTDMOmlY947OQTMGkVVkD2om3a16Tt9cLiAUG:XY9dQTrkVVkVm3a0h2

    Score
    1/10
    • Target

      DisplayDrivers.exe

    • Size

      296KB

    • MD5

      37fe821cef6f0cb8957dad68dd1cd341

    • SHA1

      485d029f2eb1bc1c30b9bf32cf1afdca835d4c18

    • SHA256

      1932276b040da99555faa20fa9ff96facd5be68d90dfe5c86e3e27986d654385

    • SHA512

      9253f8f52c731a900f90a29b5db96aa1078e0f66265e09dc9a25d4d446f4b1438bbf37398ffab305636989e7b2dc609f0cdfae72a1f635038dd6072886fb4987

    • SSDEEP

      3072:MRVHbXI+ZgvM7rHZBCYwK0GVrSttQI0B4EFV4wImL4RUh1bJIjToY46AQ4/xoSmQ:MJgvM7DvC2VrOuI0B4ftKWohBRqL3i

    Score
    1/10
    • Target

      IntelCheck.exe

    • Size

      227KB

    • MD5

      6f415cebcc00c9f65b8bb9f4d35bf83b

    • SHA1

      7c5148ef22875b37729c816471b18a694da6706a

    • SHA256

      695594ccf8c578b140c0078ad198292195db869ee25f7253d5caf4548fedaa2b

    • SHA512

      2b0caf1ba75c29895567c9e3de3eedba24226b2f92563d6d20c0fada3e75e6eab607cebf842991a03154d647a6a5e9513ce3c8b937adc057a3c9d795e80e28bd

    • SSDEEP

      3072:Qyahqwd2QrDFlQNCbaPUlOGlZnavkAzm+XPE+tNA5R1ZtJXB9kwD0Nt9ivmD:pQd2elQNCbaPUlOoZnxutNyRltL0ge

    Score
    1/10
    • Target

      MediaInfo.dll

    • Size

      6.1MB

    • MD5

      f98571573aee17db62cc80206fe34134

    • SHA1

      ca2f3c2a2dfad0f6f49afd40ac5e17863d5368da

    • SHA256

      95f0ef1426708ee0748aec4332ef194b1842d375a31f21321f10d50c241cc4b5

    • SHA512

      7ee4432dc3ca29220ad033c9d97a1e7e261d9ca676c552a87a9441fa691f7ab952f21093f4ccdfd8c6498935b56d8b546e3ab125d1ef43cf9af0ced4af26fbf3

    • SSDEEP

      98304:k4fJFvi7MUuFN9uHcXEXJ2IAuOyG6ikQgwGI5Wd:k4fJFq7MUuFnu8Xa2IA/yG64a

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discovery upx
Score
7/10

behavioral2

discovery
Score
4/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
4/10

behavioral10

Score
1/10

behavioral11

discovery upx
Score
7/10

behavioral12

discovery upx
Score
7/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10