General

  • Target

    ffff.rar

  • Size

    5.2MB

  • Sample

    240821-lx6sjssape

  • MD5

    2f1076300e4ad02d2d43985f4a55def9

  • SHA1

    e2acda003a7980edf81ee4925ecc73a8deae3245

  • SHA256

    662989d40ce8865042f68aaf3f831cba019a74090a36471077f7b51d2f5989c1

  • SHA512

    7521344afa848a025f14a60f4648fe24bc1f152d897c77598f4d680dc64e11b0e1f8683232dfce02d846a6c0d256628e37c091f46d60425a16984b4fc6230eed

  • SSDEEP

    98304:pP8US8h0T/tuX3buU6Sq4eEEOTfKf7MX4AcsV2GjqA8ea8O82+xxZUgLhQeRgWiG:pPXh0qrNqDEpTC5MJqA8eaMDLhQGUF5+

Targets

    • Target

      Soundpad.exe

    • Size

      11.6MB

    • MD5

      ecdde99f36da416560e91f7c9f97b390

    • SHA1

      7957c54b11b2318e897b673bcc6aeafc92ac39c8

    • SHA256

      0b6f4d707649f9913257c50692f86f79b7e942ea0eef2eaa30b53702a63621c7

    • SHA512

      9ad6b5085cc12593c5c8dd094743d4e73b0693487f04f89705eb1ea09f057f4b5e1f4b2d03bd3b79b38074590c7bd75acd5484f878e1627a43549ebb3b38dcf5

    • SSDEEP

      196608:8qELu/h0xDDF4ppftCyh+DdaIuqFkKz/1xqh0T0Q:87a/h0JF4ppsyh+DyQ

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      SoundpadService.exe

    • Size

      555KB

    • MD5

      511cd2c53ce1cb609b6128ffc98481f9

    • SHA1

      63c6d7f910c2019dfedf39e912aee3ffa7e1adf3

    • SHA256

      c1f862142c7a6cb1afc8a578a709d0853f0748e3b7a91aee85b85b5ca2244bb8

    • SHA512

      79f0be1ccb2a633b1471488f1ef3d2629930c586cc01e5a385d9c33b8fd4c4cd10c72703d7e043e109d685a230e2a94f0f1e1ebb8e2adf662b5af19cabda4cf9

    • SSDEEP

      12288:lVAJlJJnLICwzhGGifgrPLaMG5LAdRk9k9:lVKa8EPLav5V9k9

    • Score

      1/10

    • Target

      TTS.dll

    • Size

      161KB

    • MD5

      e47c48e74f86f24658a4deb4b868f663

    • SHA1

      7bf35f6d6a43c1a4c7866f8fccce95a4abb82dfb

    • SHA256

      10c676ce80a159a3913a6f54273b3b44a06ef52397cbd0b8addf5a622a060e3f

    • SHA512

      b6bead091464fe521dc2253f0451a729882b1468068aa8c6258250339d68ce073a51b8b7eb0cbda96540b89e51469702ff13c991f52c7c34ff988087c155a0f7

    • SSDEEP

      3072:F7/6FDJOlH2esjvgnBUv3okpl4Yx5+Zv+dxqQ10z58EItVi25Qr6nlbSpcR:1/6FxesjvG+fokpqS+p+PqEtVi25I2VX

    • Score

      1/10

    • Target

      UniteFx.dll

    • Size

      584KB

    • MD5

      232182083ec6ddf266b81811c1d26a3a

    • SHA1

      ef8c258977752887a0e5d9688fccaf74cb53201d

    • SHA256

      b7b8218f1c386cb5a703023b6f1871809dcb9a1cb981c7dc6538a4d4fd08272a

    • SHA512

      e299e0bcfa46e21a718e5eb61b9b3f273ad8c4f5fcd4aa291045b43b62456e4893b37be76e14802ed011532ac914f42b00096d07b117e784f9f195b1380f70ad

    • SSDEEP

      12288:3/TV7HfaCAl4SWjWOAPQMpWe3OiwOkUOyU0joatvRG1Gv3vKqR:3/TVbaCiXpWMOiXkn2tTvKqR

    • Score

      1/10
