General

  • Target

    ccsetup626pro.exe

  • Size

    72.2MB

  • Sample

    240814-eb3qfawdnd

  • MD5

    b0641da60584a9ddbbc5a5c14d1e2c25

  • SHA1

    9a3a808fe55c5174e262762de319aeea2701bae8

  • SHA256

    ebd3bc74866f6cd818141da0ff7ae51b4b1970dad1695f3f57845909f9c7b7a4

  • SHA512

    3a66626336034210d847757c87b005763169eece50b678dd44d90a5527dce2ec55b3d3ecee3c3b5e750052dbe5c0cea52e42811d8b566c33f5c43e77ba1d0d00

  • SSDEEP

    1572864:Hcsg1pG3zhIExyRA2V/eboTJKq7/89/6C6KOhNMi:HyG3dI/RAUUoTJH7/89/6C6KUNt

Targets

    • Target

      ccsetup626pro.exe

    • Size

      72.2MB

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Downloads MZ/PE file

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      23KB

    • MD5

      7760daf1b6a7f13f06b25b5a09137ca1

    • SHA1

      cc5a98ea3aa582de5428c819731e1faeccfcf33a

    • SHA256

      5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079

    • SHA512

      d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5

    • SSDEEP

      384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      6c3f8c94d0727894d706940a8a980543

    • SHA1

      0d1bcad901be377f38d579aafc0c41c0ef8dcefd

    • SHA256

      56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

    • SHA512

      2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

    • SSDEEP

      96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    • MD5

      675c4948e1efc929edcabfe67148eddd

    • SHA1

      f5bdd2c4329ed2732ecfe3423c3cc482606eb28e

    • SHA256

      1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906

    • SHA512

      61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

    • SSDEEP

      96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      f0438a894f3a7e01a4aae8d1b5dd0289

    • SHA1

      b058e3fcfb7b550041da16bf10d8837024c38bf6

    • SHA256

      30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

    • SHA512

      f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

    • SSDEEP

      48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj

    Score
    3/10
    • Target

      $_115_/lang-1025.dll

    • Size

      247KB

    • MD5

      bfa14cea0347e0b7878ae63ceec6f979

    • SHA1

      3888d79361af7404c61ea23ab4e1057b8331a654

    • SHA256

      848a7af8645cac9a9b47612eae92027cb15f9a18e58251dc0610f3581c9bb5fa

    • SHA512

      e66c717e232215afb3f1279da5f4f53cd64f3201dca0b8914d2ac0e0e5562172b06dff6ae909d573f94e6a89ce565aa95cc45a16bdbfda8d852ebf77e5ecc0b1

    • SSDEEP

      3072:PR8RfnpwJ5WckrG4m4xyOfF38ForEml34/s2O8sM10dOR25VvxX0n+TOq3jK5zeg:+RlLhEs0Ueik

    Score
    1/10
    • Target

      $_115_/lang-1026.dll

    • Size

      295KB

    • MD5

      f7694bb263cab5a4baaf6d1d9e7f9eb7

    • SHA1

      035f3b90b8f12d5d38f3e8c1cd4959ddf8c31659

    • SHA256

      b90c6ec813ed2185b4eb8abd224a4620dfac33424e0074197ace74e820289459

    • SHA512

      b92827f54733556cedcc7ffc991a11653dd9cebf60981e9ec396ec4d8e804dddfb3fca9ebe4630f0b7c54acc41d3e18b3de0856df021febcff0c79341827a82c

    • SSDEEP

      1536:6R7HiAYLSKbody2mxDeNvZtSffDd6vj0oD9h9U1Uzph4bwE7k2Yxd:6RzPYLFody2mxyNRtmd6JTmUzph414

    Score
    1/10
    • Target

      $_115_/lang-1027.dll

    • Size

      297KB

    • MD5

      ed2f12ff21e691f8ceb5c46e38265944

    • SHA1

      9420c58b9389ea2246d5cf8e54872536cd0aea87

    • SHA256

      de8cafffaf7b9f87dda62e3559774bb8bf7d39c74309a1c58ca08e6bb8e1cf2d

    • SHA512

      a895150e5bf2edcf786fb819ea70750af65c4bbd09719815da78f126136c25704367c16cbbc91e82d5328c4f4c476789175458824e88f619f3ee0cc932849626

    • SSDEEP

      3072:2RzrruphzbmGC0MUmqvn9vQ2iYHzNbUSlLwRPM36qWFnZY2WV72RKXsJxz1w6v4e:fbbK0MUmqVNbUSlsqWAWxzr

    Score
    1/10
    • Target

      $_115_/lang-1028.dll

    • Size

      115KB

    • MD5

      c148293d6833904b97da34520e7e7cf7

    • SHA1

      ca4d26d675006c80749e0660e5da97bf984b395e

    • SHA256

      3247aa351c7c15866cebcdd92a4ce96cdf759a31ea0d88215024638e81a11aa9

    • SHA512

      5606884263de6cefc4e4c5892214e43023625570d42e33fb6a2a6c7bdc859c086863b4e910128f4849f2e9f575d7e0bec4fe891d06ff1778706dc15b85c7237a

    • SSDEEP

      1536:ZJRo/D/014AsGJGT9bdY4MY4JUjAiN0zEwjHhAElK7kzGxOb:ZJRoLOh34MY4JzlLHplK4z/b

    Score
    1/10
    • Target

      $_115_/lang-1029.dll

    • Size

      261KB

    • MD5

      b5884538a0734f188c55dbaeb12565cb

    • SHA1

      183e70c34421110c18f974c1ecef20693a6e5750

    • SHA256

      77b6d74002734bdd734d3ce521b6d6688203b16ff3aee1640e3281d4e399223a

    • SHA512

      484964acbbcf97565c247f2a8bc0a7332370d34c2fff2b59c9fdcd80198f620adaecb1f8443890f9f9bd254831a538bb1d9dacea88a471d019d3626eba7d12f0

    • SSDEEP

      3072:pRYTV9w+1kxQxrTjEuq+mc4l0V13hcIYq80jJ0wonymZq1Mb2g6f4K:YpB13rYK

    Score
    1/10
    • Target

      $_115_/lang-1030.dll

    • Size

      258KB

    • MD5

      af1331c8efc86ba3e9f7ba142cd42dc2

    • SHA1

      0a8edd11230bddd883bdde512b32c52086706a76

    • SHA256

      e4adb1ba27cfea6c191c66834136970af221f6aea03f3f307e58e789fc48207c

    • SHA512

      bf74146b382f3b3580d4c4e19c7a8fe894be0dc8277bcf50144381fa3f8d8245d326c2f4fc4ae300d06ad756196e74214923c01de8d17939e396f271fce19926

    • SSDEEP

      3072:eRPBUUPjdtlysCPH02R/CCzuo8JqT1oSo4amSZtlFgCIMqinpM5G94t:uRrlyhwmQpqj5G

    Score
    1/10
    • Target

      $_115_/lang-1031.dll

    • Size

      292KB

    • MD5

      e54755c61270afdfc2b39d3e50b7175e

    • SHA1

      ff9cc60aec2b10b99e8b9971bd362972d45eb4c5

    • SHA256

      13785e4f5c235c5de9d8d524d7d236db35f1c2085c444b5eb28f3b0f935dd89d

    • SHA512

      44e84ab54035a1a04990eca8980db5d6f2071714f05367a756f20af871df60291c044123fa536c29b20e082261be2e04532b70540081e073e3e3c527041dee5a

    • SSDEEP

      3072:ERHJn9KvgjvyvvWTChegDQhK7JUfRtR+ga9hI7AlfbamVXuGdIEhpg8XVLZkwLlJ:ay/6qEFzda9E5VaJF

    Score
    1/10
    • Target

      $_115_/lang-1032.dll

    • Size

      305KB

    • MD5

      4dbdb71602f95f933d85d601a592c307

    • SHA1

      801b3a530a7fe59586a5402c872ed1ec9173fabf

    • SHA256

      d63d955a10479afa13e9903440b72786767e21fa5d59836fbaeb9705b31f4fb1

    • SHA512

      802824ddc29c0e5f0897eefbd7db98a49904f90ef0e5c97eec42ffeafb79494d698732f1dce10e03c8f79dcbf65610dba269bcecd383cf02b2e40d202a9156d3

    • SSDEEP

      3072:vRRBkC3TgkU7ZcvMQZO3MnoWX6r85dWORIqC4adqLDBBlKLSUG8ioi9rvxVJzAkX:9vMNx6iy

    Score
    1/10
    • Target

      $_115_/lang-1034.dll

    • Size

      290KB

    • MD5

      d6886a93b3e400544929266bf9c16249

    • SHA1

      53d3ccbe75b88aa1edf72e2790b62d029d3804dc

    • SHA256

      6461381265d9a51dc7b3fd0533b3a2cc3de259d1398fd4f24b2af43ea7828f4e

    • SHA512

      cec15aa20ed0509025ebd27cb135ae97678ad239b9ca3745a87ffec5094b7d47ce80ad95263c554b98c4ab49327cf265ca7975982b8e6364d0af125138da58f1

    • SSDEEP

      3072:vRQfXax1ncqT074Dc+JqL/wDFyIsDFPXJeiWaC7kkhTrldUuUfHuvyFWhaeqVI5e:2yx1c99+JqLY4RDFPQivkhQHehaFC5ix

    Score
    1/10
    • Target

      CCUpdate.exe

    • Size

      809KB

    • MD5

      943a4f169e9a3303ed6defc1ac3690bd

    • SHA1

      e0bd76b866624164c10b85d37efb6474b84164df

    • SHA256

      e531742a357907248de84b99f68ed7e8edd70e7ca918d21b24cc17ee4c128240

    • SHA512

      da29cafdd63fd3ab3d2378fc6c2810d7579ebd6b62a4f99248458094cd2e42dc0071b83f0aee4185ca1c81139dec2991212ac383d77a737937558bbcb29d688c

    • SSDEEP

      24576:Jjtgw77IpNyggggMrSQ5hEGnh0lhSMXlLtBq7ZnP:JjtgI6yggggMrSQ52bbq7ZnP

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      CCleaner.exe

    • Size

      37.1MB

    • MD5

      6b4c65034b779fa91129d036f2854a55

    • SHA1

      b0c21f129f58f4195cbffb8268b5693b0a4c4f2a

    • SHA256

      9cea0bdcf677382833e973158a0c7c9b5dee86fbd7c6fdb8b114aa7b23e64d58

    • SHA512

      b3d16086c09b23b6e8fa796e307348c005a2885c6067a5d180eeba39178d1a37fa6dffd4aad6f7a1624c9e150bf3b62f49ebfaa7612ebb26dc34264fcee88dba

    • SSDEEP

      393216:0OriB5sAYYtY8t0fLDko46M+ApgN7ulGqbWQU53MgbAQh0ervLmM4A3WTrqN4w+n:9riB5sAdS8t08o4auHWeLw+AugFs1J

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      CCleaner64.exe

    • Size

      42.9MB

    • MD5

      4ee9df4bef3571c74b1a4556e6afae6c

    • SHA1

      4cd037edf6984b026f25572298e5c6345cbd7b0a

    • SHA256

      c02731acaa708f929e4935da2338cda307afb4729c962722708e5a4e3b8aeb33

    • SHA512

      a295f2d91639db79c496b31c3f03f175a9b1649d1f4c5342bdcb01c2e8871d3ef48938cfda72c57cc8724ad94d9284fb8f8e9135886e51d69f075b01a8d95085

    • SSDEEP

      393216:OXA+q3dWyq9DcDD7laCZftAYU03aEi3I2sL1Zyx/tPE0ArqNdp1w+AJfRFhSp0D:OXVqN/9724u/BEiw+AJJFs1J

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
