a1bda9487ec6adb07e89fec55f6c96756741e550d647558769b1ed5cc1113381

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

turbowarp-...64.dll

windows10-2004-x64

turbowarp-...64.dll

windows10-2004-x64

turbowarp-...64.dll

windows10-2004-x64

turbowarp-...64.dll

windows10-2004-x64

turbowarp-...64.dll

windows10-2004-x64

turbowarp-...40.dll

windows10-2004-x64

turbowarp-..._1.dll

windows10-2004-x64

turbowarp-...re.dll

windows10-2004-x64

turbowarp-...us.dll

windows10-2004-x64

turbowarp-...ui.dll

windows10-2004-x64

turbowarp-...rk.dll

windows10-2004-x64

turbowarp-...ml.dll

windows10-2004-x64

turbowarp-...ls.dll

windows10-2004-x64

turbowarp-...ck.dll

windows10-2004-x64

turbowarp-...vg.dll

windows10-2004-x64

turbowarp-...re.dll

windows10-2004-x64

turbowarp-...up.exe

windows10-2004-x64

turbowarp-...dr.exe

windows10-2004-x64

turbowarp-...ip.dll

windows10-2004-x64

turbowarp-...ip.dll

windows10-2004-x64

turbowarp-...aq.url

windows10-2004-x64

turbowarp-...ma.dll

windows10-2004-x64

turbowarp-...32.exe

windows10-2004-x64

turbowarp-...64.exe

windows10-2004-x64

turbowarp-...nt.dll

windows10-2004-x64

turbowarp-...ib.dll

windows10-2004-x64

turbowarp-...ib.dll

windows10-2004-x64

turbowarp-...ew.htm

windows10-2004-x64

turbowarp-...86.exe

windows10-2004-x64

turbowarp-...se.dll

windows10-2004-x64

turbowarp-...ta.dll

windows10-2004-x64

turbowarp-...as.exe

windows10-2004-x64

Analysis

max time kernel
61s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 11:58

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller

2 signatures

Behavioral task

behavioral1

Sample

turbowarp-packager-extras/_internal/PIL/_imaging.cp311-win_amd64.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

turbowarp-packager-extras/_internal/PIL/_imagingcms.cp311-win_amd64.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

turbowarp-packager-extras/_internal/PIL/_imagingmath.cp311-win_amd64.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

turbowarp-packager-extras/_internal/PIL/_imagingtk.cp311-win_amd64.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

turbowarp-packager-extras/_internal/PIL/_webp.cp311-win_amd64.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/MSVCP140.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/MSVCP140_1.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Core.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5DBus.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Gui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Network.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Qml.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5QmlModels.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Quick.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

turbowarp-packager-extras/_internal/PyQt5/Qt5/bin/Qt5Svg.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

turbowarp-packager-extras/_internal/PyQt5/QtCore.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

turbowarp-packager-extras/_internal/third-party/inno/Setup.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

turbowarp-packager-extras/_internal/third-party/inno/SetupLdr.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

turbowarp-packager-extras/_internal/third-party/inno/isbunzip.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

turbowarp-packager-extras/_internal/third-party/inno/isbzip.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

turbowarp-packager-extras/_internal/third-party/inno/isfaq.url

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral22

Sample

turbowarp-packager-extras/_internal/third-party/inno/islzma.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

turbowarp-packager-extras/_internal/third-party/inno/islzma32.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

turbowarp-packager-extras/_internal/third-party/inno/islzma64.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

turbowarp-packager-extras/_internal/third-party/inno/isscint.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

turbowarp-packager-extras/_internal/third-party/inno/isunzlib.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

turbowarp-packager-extras/_internal/third-party/inno/iszlib.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

turbowarp-packager-extras/_internal/third-party/inno/whatsnew.htm

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral29

Sample

turbowarp-packager-extras/_internal/third-party/rcedit/rcedit-x86.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

turbowarp-packager-extras/_internal/ucrtbase.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

turbowarp-packager-extras/_internal/unicodedata.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

turbowarp-packager-extras/turbowarp-packager-extras.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

turbowarp-packager-extras/turbowarp-packager-extras.exe
Size

3.3MB
MD5

9541cfc31e032739b9779e45dc8c10e6
SHA1

41f9b27726cafa351c686a2e0483a76917bf2950
SHA256

253b444a2e174408325cf332a55783f70aca79fb76f2c0c7dad49f77da290efd
SHA512

be9f0d3bfe8ff4262dd37fc6db1db44f46a9afd9095d45ed78e42a2fc8ebcb4fdd409c5118de919814ad56df20e493649dd74645ee0c8aa9e7077617ed1ca004
SSDEEP

98304:chJkBxDESkhQKhOC9+s2m8vYSLiNEqapl:chJiDEPhl4o+8m

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1264	turbowarp-packager-extras.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1264	turbowarp-packager-extras.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1264	turbowarp-packager-extras.exe

Processes

C:\Users\Admin\AppData\Local\Temp\turbowarp-packager-extras\turbowarp-packager-extras.exe
"C:\Users\Admin\AppData\Local\Temp\turbowarp-packager-extras\turbowarp-packager-extras.exe"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1264-0-0x00007FFA7A810000-0x00007FFA7AA73000-memory.dmp

Filesize
2.4MB

Download
memory/1264-1-0x00007FFA79850000-0x00007FFA79D40000-memory.dmp

Filesize
4.9MB

Download
memory/1264-2-0x00007FFA78C40000-0x00007FFA79181000-memory.dmp

Filesize
5.3MB

Download
memory/1264-3-0x00007FFA789D0000-0x00007FFA78C35000-memory.dmp

Filesize
2.4MB

Download
memory/1264-4-0x000001821C130000-0x000001821C140000-memory.dmp

Filesize
64KB

Download