Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Richard/Log.dll

windows10-2004-x64

3

Richard/Mi...90.dll

windows10-2004-x64

3

Richard/Mi...90.dll

windows10-2004-x64

3

Richard/Mi...90.dll

windows10-2004-x64

3

Richard/Mi...90.dll

windows10-2004-x64

3

Richard/Ne...on.dll

windows10-2004-x64

1

Richard/Ri...er.exe

windows10-2004-x64

3

Richard/Richard.exe

windows10-2004-x64

3

Richard/VM...32.dll

windows10-2004-x64

3

Richard/boost.dll

windows10-2004-x64

3

Richard/co...ipt.js

windows10-2004-x64

3

Richard/fmodex.dll

windows10-2004-x64

3

Richard/tbb.dll

windows10-2004-x64

3

Richard/tbb_debug.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Richard.zip

  • Size

    76.7MB

  • Sample

    240818-3b4vhazhrd

  • MD5

    356dc05c9a0efeaf1dafde24244a52d1

  • SHA1

    1824090acac801b18b566b43d5023bd565fefa1d

  • SHA256

    8f971b3bac5294cb4edbef9498961acead8434e0580c884395ab15983e4843ef

  • SHA512

    d6b3f4ae870dcd0aac1cf43bd3af2b1c5527f015e5c48aaac31f3b0416acadabaec5b60204d28ed6f6318ac304feb91d42ad7585ca08d9f060d3bdc105025be7

  • SSDEEP

    1572864:9L90wDhATHkxqaoNhy2ccdxeDSOXwRjyRccdxeEGJn3z:9L9jSExLUhyRcHeDSGMjyOcHeXJnD

Score
3/10
discoveryexecution

Malware Config

Targets

    • Target

      Richard/Log.dll

    • Size

      72KB

    • MD5

      c58251038a52192a273c4aab324c4c51

    • SHA1

      38a0f87846603e1d1138ba84eb17afca595dd6cd

    • SHA256

      294844dca7d6e206553648e5f545eae435d3f1804815d156a34164ec4abace50

    • SHA512

      5e4a433036dc0379e2f1b04f24c00dba60c2e071e668390218385b2dd9723fc3c2b2c945b458ed4a63762f280b321148d9a299e822005e932e97c2a676a9c83e

    • SSDEEP

      1536:MUlbuJsVaWAinDO4TWkIAFAbYlRW+RjV47GC:0J29JpAbYlEsjV47GC

    Score
    3/10
    discovery
    behavioral1

    • Target

      Richard/Microsoft.VC90.CRT/msvcm90.dll

    • Size

      219KB

    • MD5

      4a8bc195abdc93f0db5dab7f5093c52f

    • SHA1

      b55a206fc91ecc3adeda65d286522aa69f04ac88

    • SHA256

      b371af3ce6cb5d0b411919a188d5274df74d5ee49f6dd7b1ccb5a31466121a18

    • SHA512

      197c12825efa2747afd10fafe3e198c1156ed20d75bad07984caa83447d0c7d498ef67cee11004232ca5d4dbbb9ae9d43bfd073002d3d0d8385476876ef48a94

    • SSDEEP

      6144:ge7iXDX5qmzXOZc/cU4HqsKvts6tifkglMqbO0YLJbc89XTiuq5Kz3OaOyp:ge7iXVDzXOGJb5XTiuq5Kz+

    Score
    3/10
    discovery
    behavioral2

    • Target

      Richard/Microsoft.VC90.CRT/msvcp90.dll

    • Size

      555KB

    • MD5

      6de5c66e434a9c1729575763d891c6c2

    • SHA1

      a230e64e0a5830544a25890f70ce9c9296245945

    • SHA256

      4f7ed27b532888ce72b96e52952073eab2354160d1156924489054b7fa9b0b1a

    • SHA512

      27ec83ee49b752a31a9469e17104ed039d74919a103b625a9250ac2d4d8b8601034d8b3e2fa87aadbafbdb89b01c1152943e8f9a470293cc7d62c2eefa389d2c

    • SSDEEP

      12288:iUmYoJC//83zMHZg7/yToyvYXO84hUgiW6QR7t5C3Ooc8SHkC2eRZRzS:iUmYoO83W0y8yeO8L3Ooc8SHkC2e8

    Score
    3/10
    discovery
    behavioral3

    • Target

      Richard/Microsoft.VC90.MFC/mfc90.dll

    • Size

      1.1MB

    • MD5

      462ddcc5eb88f34aed991416f8e354b2

    • SHA1

      6f4dbb36a8e7e594e12a2a9ed4b71af0faa762c1

    • SHA256

      287bd98054c5d2c4126298ee50a2633edc745bc76a1ce04e980f3ecc577ce943

    • SHA512

      35d21e545ce6436f5e70851e0665193bb1c696f61161145c92025a090d09e08f28272cbf1e271ff62ff31862544025290e22b15a7acde1aea655560300efe1ec

    • SSDEEP

      24576:HMh/PZa3TrShmbjRbf/zxUK4BpifCqY5TcB2sQL+XmDOl:HMh/PZa3HTjtFUKwhqY5TcyL+XmE

    Score
    3/10
    discovery
    behavioral4

    • Target

      Richard/Microsoft.VC90.MFC/mfcm90.dll

    • Size

      58KB

    • MD5

      d4e7c1546cf3131b7d84b39f8da9e321

    • SHA1

      6b096858723c76848b85d63b4da334299beced5b

    • SHA256

      c4243ba85c2d130b4dec972cd291916e973d9d60fac5ceea63a01837ecc481c2

    • SHA512

      4383e2bc34b078819777da73f1bd4a88b367132e653a7226ed73f43e4387ed32e8c2bcafd8679ef5e415f0b63422db05165a9e794f055aa8024fe3e7cabc66b9

    • SSDEEP

      768:kXS5hxqhOz9XNpOb/AXVuips6Pm550971BVO5nkcwo5ArrwlyQ6mrCHrO1MquTSU:kC/IMZHO0lu+s60VwvrrDmrCrO1HuTR

    Score
    3/10
    discovery
    behavioral5

    • Target

      Richard/Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      715a1fbee4665e99e859eda667fe8034

    • SHA1

      e13c6e4210043c4976dcdc447ea2b32854f70cc6

    • SHA256

      c5c83bbc1741be6ff4c490c0aee34c162945423ec577c646538b2d21ce13199e

    • SHA512

      bf9744ccb20f8205b2de39dbe79d34497b4d5c19b353d0f95e87ea7ef7fa1784aea87e10efcef11e4c90451eaa47a379204eb0533aa3018e378dd3511ce0e8ad

    • SSDEEP

      12288:WBARJBRZl/j1TbQ7n5WLm4k0X57ZYrgNHgK9C1BSjRlXP36RMGy1NqTU+:WBA/ZTvQD0XY0AJBSjRlXP36RMG7

    Score
    1/10
    behavioral6

    • Target

      Richard/Richard Launcher.exe

    • Size

      464KB

    • MD5

      2603d811f1bb0dfa9a2bc512b1b6877c

    • SHA1

      37c3eada1088255ff15dd54cd6103f13a5da37d5

    • SHA256

      06fc0ec1471e336e85c42e390e000cb906569d76b389a90426274c71b89c2925

    • SHA512

      3141f75899626a73ced2891bb22d19cde7ac839a1a12798e2065dd8aeed78e0dee3ceb97263a344ba56767540d91d89c582365c6dbc5522097cf64d0d418a130

    • SSDEEP

      12288:RH6+0TcqlYfxrHL+sLE//t29Zd12oOszT/29oXd:RH6+0hlY5rysLEn0F1LpzTuSN

    Score
    3/10
    discovery
    behavioral7

    • Target

      Richard/Richard.exe

    • Size

      13.7MB

    • MD5

      1315da9090edb3d25264a23fa2110517

    • SHA1

      b9b2681667aaf603d5d63b9d437620f8ad1db205

    • SHA256

      36aade30f08b02dd4d9b5458bdb10e17d976ad73e118b403130930ee4c28576d

    • SHA512

      ae69de313f074a510227beee6741b3aa3f8a7b97ea8bca2a73cdd55e59e407307be418cf7112aaaca9724d6398674c2e5074513f4147b12ff4ee22837531188f

    • SSDEEP

      196608:CYRFZdb/4uMrrpIxlllN/7cRRu9MRsdJlT1sPgwB1gqHmZSzHw2EKE:XfzlYgErkK2

    Score
    3/10
    discovery
    behavioral8

    • Target

      Richard/VMProtectSDK32.dll

    • Size

      62KB

    • MD5

      1e6fdcd6d847bbf9cd3a37ba72cda3f7

    • SHA1

      4630e17975f151858f6acefb591286d09daaf6f9

    • SHA256

      06754cb39c2e814577ac287b7dd0083f59933c867038407cddfb22ebc6c0f193

    • SHA512

      1ff53ac4eff9a2eb33f9e3f51dc848154d19e36cfc6e02912fde6e4004bfbfada3fa7ad76079ec18026ab7305f603f11e647682cb410efba1f27f7e9fd2be0f1

    • SSDEEP

      768:HoPxJEvm79UXEHoJ9Zu+mCpvuJx/cH/3raj5ckespr6vv6USYhCDgAkhHHqD+x8:HoP7EvctUT3Gejaj5He66KUScM+x8

    Score
    3/10
    discovery
    behavioral9

    • Target

      Richard/boost.dll

    • Size

      169KB

    • MD5

      a4d67525725e1bbaa3ba16b949ce2702

    • SHA1

      9a2f94fefe044dcbb886b8b52d44f10f7dd2b204

    • SHA256

      0eea519421b90d13f4ff5db9840f25a66ad572d904b8cc327dae482bb9a6723f

    • SHA512

      fa4d4cb4427866de74cbcf388e87de4e1225195a12444693af9ec45481a6d08e7d7e8c6fb88cb39b771d0a6a3fae27f79e1d113a6ac3591504c3cbcd92019da8

    • SSDEEP

      3072:waSnXoeWYY/WXhGbJX+QmYYYWYYYYYYbf1n31AdQY9nRUQt4uIqugji:wIejXhUX+791GiEkKj

    Score
    3/10
    discovery
    behavioral10

    • Target

      Richard/content/fonts/LoadingScript.lua

    • Size

      23KB

    • MD5

      7eb611f2b1049b9dae49c43da644d446

    • SHA1

      6afe64f04aaaf82aa88820134dbfc48a6e113493

    • SHA256

      f23af05b73bae7379ed178dbe4295b58978279e9201a352d77f5652a66ba8c4a

    • SHA512

      b24ea883950ceb1923ae69494a82c7384acf10b907eab186a6d2f7646e969174b5512cbf6c4e95772927b0ca426195bd65d5886ccf788a7119ee601f2a75b409

    • SSDEEP

      384:crpGYavVcGHudwSEi3IWzF7voGOQCSigamCa27pib9JPH:crppzF7vRvAZpk

    Score
    3/10
    execution
    behavioral11

    • Target

      Richard/fmodex.dll

    • Size

      936KB

    • MD5

      940a7db97456fa5c36189f41b05ea403

    • SHA1

      e217faed2d8e514550047c764c54d815f19826aa

    • SHA256

      5d98a1ac6782819550854a25fee1a0e17064e1537844413e4a5253b5b23baae7

    • SHA512

      34a47feb55aa55e8edcc1a64ccb1fead09eb6eac27cc05e289c937c5fb33c21cedc0783d3097cb0749a4e78de740ca960f96cbb989818e5277de40386fe16c8f

    • SSDEEP

      24576:FgpYqcs/TCBXp5/03M8gNERIQKGIUmmtGmee+Ol60c6z:Fgeqcs/TK3uM8gGRI2XmmtGmee+Ol60v

    Score
    3/10
    discovery
    behavioral12

    • Target

      Richard/tbb.dll

    • Size

      271KB

    • MD5

      7d3127f236015b436ccf8da4a2e61587

    • SHA1

      49cb04c7015e75f61d58df01cf9ab5bb192ee849

    • SHA256

      489417408927123edcdb6490939223ec2fc8f7576cd28e818fe86043ff8c9393

    • SHA512

      3550198b1c9768bf45723e617ee739c0167c4f068452936415548a7e7767ab7a020307bb320aed1ebe90e77b58050e2f0668ca4737a0e6e6c6e49f6bbac7f330

    • SSDEEP

      6144:dg9OniFPXhXgfbPnEgkBIUBs/OHrdlhDrO4RaWpApSJRYjG/rO4ay6Sa:dg9OiFvKfbPnEgkBIUBs/OHHhXO4RaW9

    Score
    3/10
    discovery
    behavioral13

    • Target

      Richard/tbb_debug.dll

    • Size

      764KB

    • MD5

      d5d8e9636270d6dd306701510e26a244

    • SHA1

      03e801913bfbbb69372b6141553c84257705560a

    • SHA256

      ba81849ceff9f60dc4285682bae17851c85fcaa2f27f180814c343cde933b833

    • SHA512

      74c557010d38d385f17242b5f639b368b0f80449f36f87b1e8bc05f5fc2451e5c5c34b6670b17242484eada107b148a3aaa4c7783fc6974772b330bf806ddff5

    • SSDEEP

      12288:yNdYkz2Uhux3qaZrgIIa0sDtoq+JwnyIi0hhZDu4hS0/aadWglPigd:yhz2Uhm3qaWvaHVVLd1hhUk

    Score
    3/10
    discovery
    behavioral14

MITRE ATT&CK Enterprise v15

Tasks