Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

4

8870e6242e...93.exe

windows7-x64

7

8870e6242e...93.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

AutoEncryptDemo.exe

windows7-x64

1

AutoEncryptDemo.exe

windows10-2004-x64

1

AutoFileCryptTool.exe

windows7-x64

8

AutoFileCryptTool.exe

windows10-2004-x64

8

Bin/win10x...lt.sys

windows10-2004-x64

1

Bin/win10x...mo.exe

windows7-x64

1

Bin/win10x...mo.exe

windows10-2004-x64

1

Bin/win10x...PI.dll

windows7-x64

1

Bin/win10x...PI.dll

windows10-2004-x64

1

Bin/win10x...lt.sys

windows10-2004-x64

1

Bin/win10x...mo.exe

windows7-x64

1

Bin/win10x...mo.exe

windows10-2004-x64

1

Bin/win10x...PI.dll

windows7-x64

3

Bin/win10x...PI.dll

windows10-2004-x64

3

Bin/win32/EaseFlt.sys

windows7-x64

1

Bin/win32/EaseFlt.sys

windows10-2004-x64

1

Bin/win32/...mo.exe

windows7-x64

1

Bin/win32/...mo.exe

windows10-2004-x64

1

Bin/win32/...PI.dll

windows7-x64

3

Bin/win32/...PI.dll

windows10-2004-x64

3

Bin/x64/EaseFlt.sys

windows7-x64

1

Bin/x64/EaseFlt.sys

windows10-2004-x64

1

Bin/x64/Ea...mo.exe

windows7-x64

1

Bin/x64/Ea...mo.exe

windows10-2004-x64

1

Bin/x64/FilterAPI.dll

windows7-x64

1

Bin/x64/FilterAPI.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8870e6242e397575f54ac0acdfae13117dca54c01198c951537ddc228bb29c93

  • Size

    3.9MB

  • Sample

    240820-bavfwsvgqb

  • MD5

    e1d69c9d80a3b36574e0a13860c26265

  • SHA1

    9b09ee9803d552b8d56fc0ca00de09e55b903730

  • SHA256

    8870e6242e397575f54ac0acdfae13117dca54c01198c951537ddc228bb29c93

  • SHA512

    ee0fa3236474cf3c7e75dd319cca2bb1dee369546439fb28b48cda3353184978a4615abd285d0eccde4a149d264aadbbcdac672271a499d1ba2faceb832fe09d

  • SSDEEP

    98304:0L8i6lt7tQLe+fvcNBq4aJN5+Ya+fRy3dgLEC9H:0Lqlt7CL1vc4JSY9ANgLZH

Score
8/10
discoverylinkpdf

Malware Config

Targets

    • Target

      8870e6242e397575f54ac0acdfae13117dca54c01198c951537ddc228bb29c93

    • Size

      3.9MB

    • MD5

      e1d69c9d80a3b36574e0a13860c26265

    • SHA1

      9b09ee9803d552b8d56fc0ca00de09e55b903730

    • SHA256

      8870e6242e397575f54ac0acdfae13117dca54c01198c951537ddc228bb29c93

    • SHA512

      ee0fa3236474cf3c7e75dd319cca2bb1dee369546439fb28b48cda3353184978a4615abd285d0eccde4a149d264aadbbcdac672271a499d1ba2faceb832fe09d

    • SSDEEP

      98304:0L8i6lt7tQLe+fvcNBq4aJN5+Ya+fRy3dgLEC9H:0Lqlt7CL1vc4JSY9ANgLZH

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      90bb49f3fd416f912a637526914bd044

    • SHA1

      626051dd6c759a5b847664549736c37aba9ede5a

    • SHA256

      1f8e8f336df6773d6b63bd5a7efbfc889d08888fec55da402eaf93cb950aa283

    • SHA512

      5156923f51be2057f7003577b46732f6b0b0bb55402f49df3747085b9802b3a2492cd5f087ef988db5a69f241c10163ada0e649b149da8a198b7fc2cc83334e5

    • SSDEEP

      384:E5C43tPegZ3eBaRwCPOYY7nNYXCA/Yosa:EQTgZ3eBTCmrnNAE

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      6e55a6e7c3fdbd244042eb15cb1ec739

    • SHA1

      070ea80e2192abc42f358d47b276990b5fa285a9

    • SHA256

      acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506

    • SHA512

      2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35

    • SSDEEP

      192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      AutoEncryptDemo.exe

    • Size

      32KB

    • MD5

      6757be332b713fe334b01a1bdd297482

    • SHA1

      e69f5486a08b75f13fe0aa9c5c12c718b31718db

    • SHA256

      e948d7636d6a623c8ec584b88c98926b413b02b0464b53aece4adbeedc1eaee2

    • SHA512

      852a74920685f2d2b83e4378f9a8a9a13740d00df63e95d7e3e2329c79ea897b2e5bf834d12273cdd178e4173e5b55ed6916dcb49cbe85341175acff15cf6cce

    • SSDEEP

      768:NR9TbFDxAOcmzYcHeWDmMht/feVE3h9Tp:v9twTALl3h9Tp

    Score
    1/10
    behavioral7behavioral8

    • Target

      AutoFileCryptTool.exe

    • Size

      175KB

    • MD5

      fa93eec0ee7f9f4dfa68500d2302038b

    • SHA1

      0723fd2a2e9c2fd805fa294f6f440257fae4e7f2

    • SHA256

      fd1970b74a5da3e3ff0695497e0613afdc0be99d7e0db3498269e6497487fbf9

    • SHA512

      7207d2920fc1f5c29bc0a318ecda50ff00d460f3e1b6e0a362771c362dde921c17e115ae6c42133ace20d4ddc8364b05157dd125ec5c3e9a9182c4897e606b0d

    • SSDEEP

      1536:JYN0qP1V/kklO1PW92kklO1PW9/kklO1PW90lRjUOnf0qP1HuuJ3h1s:SNbpsgAsgtsg0lRjRfbNu8s

    Score
    8/10

    • Drops file in Drivers directory

    behavioral10behavioral9

    • Target

      Bin/win10x64/EaseFlt.sys

    • Size

      205KB

    • MD5

      76446142d3ceb8e77e3dcd7b274b4267

    • SHA1

      5efac8e9a760ee530225cfac2db464fd6e66d197

    • SHA256

      73f810c1f10726c983529bfcba6829fc0255849b39daf5b091a7d0bed1e8fc41

    • SHA512

      aedfa62208d13ba24859270806ffaa1731d90f662f84d36fca1b26b2b6d18320421f4f1e87dcdd8b0fd1010eec23086f258018af4349eca889c99f27a2313437

    • SSDEEP

      3072:mdNwVJehHIE4pLHDbq9XIYDj9EXG3Lpg0A8MGiqCnPpu1Ll0k25fAwCT:0IIhdML3qXfe4Wcfidwi4L

    Score
    1/10
    behavioral11

    • Target

      Bin/win10x64/EaseFltCPPDemo.exe

    • Size

      175KB

    • MD5

      0d245d5c774f7914a3a59133524cafd5

    • SHA1

      e107df47ed5a7c914b8be67f9029a9d1a561032c

    • SHA256

      d30ed2bae09788fd1d5e108a69903db1fec827a427200e009af99653f12baf2d

    • SHA512

      5282623b88f5be6e81744f8410aa26bda780200f54d91c9953c1d0608e8c718dc0a9274c77ff3fc3092f8a200cff3016c42a995a9d529877e80198181f4c6bbd

    • SSDEEP

      3072:IRaTGfDQ+QnkJZEGJgFww0lTj6V5pYHfrRtHle3aengSS7yCVScbQEXQi4:Saik+mkDpXlTj65pYHfrRtHlIU7yCUEy

    Score
    1/10
    behavioral12behavioral13

    • Target

      Bin/win10x64/FilterAPI.dll

    • Size

      305KB

    • MD5

      e12436cc453273482dfb150a6d7c48d2

    • SHA1

      80ca5bae05cb93c4b3b935bc63c14ead9e3d7cbb

    • SHA256

      c1a448498019b3aff1b0f85ccc3448cf2757e02033c4beff08af68f760f96131

    • SHA512

      dc42f06cdbdc0762a8f87448b815bd1228fb96cd2a128fd8b6ea6634775031b50fa5a29dde7d211f6ae334811a8dd9e6483a8d8a8e80948eadac382094fd49ee

    • SSDEEP

      6144:kHbJF+imBQkrZXvWJCiT4ofKcZ/x4OcyvFW/GnhaZ:k7yXekduicIC0/GY

    Score
    1/10
    behavioral14behavioral15

    • Target

      Bin/win10x86/EaseFlt.sys

    • Size

      205KB

    • MD5

      131e79485ea413e6ed81ca4ccbe6f6bc

    • SHA1

      689eaefe3987115b9e9a30d2183b92b39980bd83

    • SHA256

      c41a55cd17da04e8c27f7f2e5f69d776bd4c4eabc733cdf697f01a11943d1408

    • SHA512

      221857d460a804bcc619a5760a513090aeb026e859cf89e25cce2082677ad194a296af0e5ed8d62bfee54127a55ce3ddba50615f8e56345442e102512dbd9e7f

    • SSDEEP

      3072:/dNwVJehHIE4pLHDbq9XIYDj9EXG3Lpg0A8MGiqCnPpu1Ll0k25fARCw:lIIhdML3qXfe4Wcfidwi4t

    Score
    1/10
    behavioral16

    • Target

      Bin/win10x86/EaseFltCPPDemo.exe

    • Size

      175KB

    • MD5

      7698f9ffc866aca7b5d9910915675a50

    • SHA1

      7c39073e4b713c4b1427a4aca64887bf151ff3a1

    • SHA256

      2e671ae032891511e0d98fec5534977b1f8c48c6776ce7d1af889badbd453b1d

    • SHA512

      fffab3cd7f000bf266b807d877d4fa45d2e3575907134e151705c491e129d1e6087755cfe78b1d16fb0357f7d29f4194a76bb90ff014a2491d4a99dafe47c3a5

    • SSDEEP

      3072:2RaTGfDQ+QnkJZEGJgFww0lTj6V5pYHfrRtHle3aedgSS7yCaScbQEXu2:gaik+mkDpXlTj65pYHfrRtHlI67yCzEb

    Score
    1/10
    behavioral17behavioral18

    • Target

      Bin/win10x86/FilterAPI.dll

    • Size

      162KB

    • MD5

      1fa51ae9d32ff5ae46127055eb92e756

    • SHA1

      0935795959af00b66896d5ff97a508ef295d831b

    • SHA256

      e86e8d8950cdeff8fb1aea225a81da0acab253850e1b759ad45b8145c3bfcc5b

    • SHA512

      113c9e95d54046d0fa11a77c6cb9691ca1db0529a9b06451fac563fa871dd7555d412448a24a5a6da5bb28a85e25739b42bab62bad143cd65e5358a1372c7493

    • SSDEEP

      3072:CFEGiujn6sfaEvL0r2ENTi2eZmHxqblhN1JtK4igHLY2:oE3ujVfaY0rMb1XUUU2

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      Bin/win32/EaseFlt.sys

    • Size

      160KB

    • MD5

      51a2d87f8049f0045dd3d19ab8db1c03

    • SHA1

      cfc6c5030f664bba8260e9eebd949b36428739e8

    • SHA256

      96f3d827902d0c2d73f51a3beb12a56961bdf56838aa76a9d066fdd0e0c83b32

    • SHA512

      628e873dd3cda7a2a8088e0e4fca8dc588f46fb1b1f6e43ecdb22065526635c5ac54cad83a5a2b8a402bd7d67e0fce472dcf1bb062e3c0f64624874530176770

    • SSDEEP

      3072:ZvImjgw8XPGgB6COlu66muL5yZzpqRN+Dh:ZvImjB89tkzk6h

    Score
    1/10
    behavioral21behavioral22

    • Target

      Bin/win32/EaseFltCPPDemo.exe

    • Size

      175KB

    • MD5

      cbad51b3999ac34627d0e08ff16cecc9

    • SHA1

      9d84d506dd53d255d47bd7b5b71261f06fdd073e

    • SHA256

      539c054203ab770ef639383e92746fb58e065d300ea614e52075cf873e31d575

    • SHA512

      45ae16cb9e3bf29bef731a7806f5c10c94fb88de7639cfba274a2fd0fd195f3acd19f0718eec4735ade482296e8ab6986c5683940dbb6237a9a7b08c5b18654d

    • SSDEEP

      3072:2RaTGfDQ+QnkJZEGJgFww0lTj6V5pYHfrRtHle3aedgSS7yCaScbQEX9c:gaik+mkDpXlTj65pYHfrRtHlI67yCzE6

    Score
    1/10
    behavioral23behavioral24

    • Target

      Bin/win32/FilterAPI.dll

    • Size

      162KB

    • MD5

      1fa51ae9d32ff5ae46127055eb92e756

    • SHA1

      0935795959af00b66896d5ff97a508ef295d831b

    • SHA256

      e86e8d8950cdeff8fb1aea225a81da0acab253850e1b759ad45b8145c3bfcc5b

    • SHA512

      113c9e95d54046d0fa11a77c6cb9691ca1db0529a9b06451fac563fa871dd7555d412448a24a5a6da5bb28a85e25739b42bab62bad143cd65e5358a1372c7493

    • SSDEEP

      3072:CFEGiujn6sfaEvL0r2ENTi2eZmHxqblhN1JtK4igHLY2:oE3ujVfaY0rMb1XUUU2

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      Bin/x64/EaseFlt.sys

    • Size

      195KB

    • MD5

      29cd351b4f15bee9d418c007e8cf2476

    • SHA1

      7a8fcd3e416a3a34dc81c2317ebfb88f187dfb08

    • SHA256

      f27413b7e3a428ce475eeaef131274502d332d7da6ae3a85bb9f22f427be5e1e

    • SHA512

      b35126bed8679d285e4e339ca2114c11cce1355848807391e3a43a9d4fe10553a5fc5df9254c64c82eda73f1f1976b1a1461238898b2ce616c5ede3231450bdc

    • SSDEEP

      3072:D/B2V+IRYee+tz6hmSAStnmLWnq3DX5XAMvwTyIUx/739+q:Dp/09EhAGnq3DXauwTCxEq

    Score
    1/10
    behavioral27behavioral28

    • Target

      Bin/x64/EaseFltCPPDemo.exe

    • Size

      175KB

    • MD5

      3df012c3980647d039356ddafe586744

    • SHA1

      d761e92cf94170d3ac074937aeb6b505e16eb709

    • SHA256

      314e650dfbb2334cdc2a4c42fde1a177cd82c5ba3d4dc93fc171a94384259229

    • SHA512

      fb907905ffd350b0edaf2ae993afb961694d55ae4ef17578658e07ea87fdf8aef69305c878c68407562912e93152a789b1c845043fb3cf1c24009b35c23f8376

    • SSDEEP

      3072:ARaTGfDQ+QnkJZEGJgFww0lTj6V5pYHfrRtHle3aengSS7yCVScbQEXmc:6aik+mkDpXlTj65pYHfrRtHlIU7yCUEz

    Score
    1/10
    behavioral29behavioral30

    • Target

      Bin/x64/FilterAPI.dll

    • Size

      305KB

    • MD5

      e12436cc453273482dfb150a6d7c48d2

    • SHA1

      80ca5bae05cb93c4b3b935bc63c14ead9e3d7cbb

    • SHA256

      c1a448498019b3aff1b0f85ccc3448cf2757e02033c4beff08af68f760f96131

    • SHA512

      dc42f06cdbdc0762a8f87448b815bd1228fb96cd2a128fd8b6ea6634775031b50fa5a29dde7d211f6ae334811a8dd9e6483a8d8a8e80948eadac382094fd49ee

    • SSDEEP

      6144:kHbJF+imBQkrZXvWJCiT4ofKcZ/x4OcyvFW/GnhaZ:k7yXekduicIC0/GY

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

pdflink
Score
4/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
8/10

behavioral10

Score
8/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10