
General

  • Target

    x64_installer__v4.6.0.zip

  • Size

    36.0MB

  • Sample

    240829-xal1eavhlb

  • MD5

    d7ca31a29f23b52a934d469332fd9628

  • SHA1

    1a8de5294319b82bbae62746b7ead9beb5a4bdf1

  • SHA256

    6877fc96e12967e2edd83747fed16a9fefde37bd0ee69616d9b9226e9bf93f33

  • SHA512

    03a5a213eb22d9504814a848aac2b81c545966b8817696873689344c04bc43699c2542c100f66f213f4bb1485bb34f97c0f79b16c5a5b3e488b6356759d6d673

  • SSDEEP

    786432:hyGdMWN7LMfTTAAHHdK1WIW00M0Rhnalx9FKKrLRCkr6dfN2CO:hyz/def0xaDKKJ/eLO
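The General block gives the four digests of the submitted archive and the Targets list repeats them for every file tria.ge extracted from it. The SHA256 is the value to pivot on (MD5 and SHA1 are listed for matching older feeds, not for integrity); before trusting any conclusion from a report, recompute the digests of the sample you actually hold and of each archive member and compare them with the report. The script below does that. It is an added example written for this page, not tria.ge's code, and the archive and manifest it checks are constructed in memory from well-known test vectors (the digests of `b"abc"` and of the empty file), not the real x64_installer__v4.6.0.zip.

```python
"""Recompute and cross-check the hashes a sandbox report lists for an
archive and for each file inside it.

Added example for this page, not tria.ge's own code. The archive and the
expected-hash manifest below are constructed test data, not the installer
ZIP from the report.
"""
import hashlib
import io
import zipfile

# The four digests the report lists for every target.
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return {algorithm: lowercase hex digest} for one blob."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_zip_members(zip_bytes: bytes) -> dict:
    """Hash every regular file inside a ZIP held in memory.

    Keys are member paths exactly as stored in the archive (the report uses
    the same form, e.g. 'bderepair/ConsentUX.dll'); directories are skipped.
    """
    result = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            result[info.filename] = hash_bytes(zf.read(info))
    return result


def verify_manifest(actual: dict, expected: dict) -> list:
    """Compare computed hashes against a report manifest.

    `expected` maps member path -> {algorithm: hex}; an entry may list only
    some algorithms (an excerpt might quote SHA256 alone).  Returns a list of
    mismatch descriptions; an empty list means everything checks out.  Hex is
    compared case-insensitively because reports differ in casing.
    """
    problems = []
    for path, want in expected.items():
        got = actual.get(path)
        if got is None:
            problems.append(f"{path}: missing from archive")
            continue
        for alg, digest in want.items():
            if got[alg] != digest.lower():
                problems.append(f"{path}: {alg} mismatch (got {got[alg]})")
    # Members the report does not mention deserve a look too.
    for path in actual:
        if path not in expected:
            problems.append(f"{path}: present in archive but not in report")
    return problems


def build_sample_zip() -> bytes:
    """Constructed stand-in for the installer ZIP (two tiny members)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("sample/a.dll", b"abc")     # constructed content
        zf.writestr("sample/empty.bin", b"")    # constructed content
    return buf.getvalue()


# Constructed manifest: the standard test-vector digests of b"abc" and b""
# stand in for the values a real report would list.
SAMPLE_MANIFEST = {
    "sample/a.dll": {
        "md5": "900150983cd24fb0d6963f7d28e17f72",
        "sha256": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
    },
    "sample/empty.bin": {
        "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    },
}


def run_check() -> list:
    """Hash the constructed archive and check it against SAMPLE_MANIFEST."""
    return verify_manifest(hash_zip_members(build_sample_zip()), SAMPLE_MANIFEST)


if __name__ == "__main__":
    problems = run_check()
    print("OK: archive matches manifest" if not problems else "\n".join(problems))
```

To use it on a real sample, replace `build_sample_zip()` with the bytes of the downloaded archive and fill `SAMPLE_MANIFEST` from the Targets list; a member present in your copy but absent from the report (or the reverse) is as important a finding as a digest mismatch, since it means you are not looking at the same artefact the sandbox ran.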

Malware Config

Targets

    • Target

      bderepair/ConsentUX.dll

    • Size

      111KB

    • MD5

      86fd3bf6873ac240a7b4bcf065c31daa

    • SHA1

      ba7a68a32cf1ddbd7e0549dac4de4b0666378f3a

    • SHA256

      ce2837f057a1c5991982b9336cf9f245e7789fb1325965117d0dc74c14c07d82

    • SHA512

      46e00ce61c06ede5f57fee74cdf8aaae71f858bff5586acc5a1fce1264c98ef517e21d270996801338ac2d2bd60020975755276bc8116e2d78dc41420a8af4fc

    • SSDEEP

      1536:km9OefVSG0qm7R0+7286sLdipLF4FWtS91XGOAXndJsutsf7InjYiAQ5ZPB:RSOd6abNGt9IOyn4utsfOgQ5Z5

    • Score

      1/10

    • Target

      bderepair/bderepair.dll

    • Size

      49KB

    • MD5

      adf5efc6a6df55a66a82e5145c495b99

    • SHA1

      f9ea346ee040e1801f6a678ad4e3e9b6af713b02

    • SHA256

      bca197e9067f113ecbf0bf809154e6e07ff5e5651615e73ccdcff6707ba3b1a5

    • SHA512

      e043b3668165b58fc420d7d7d234a7717bde290da787233d3abcb0c274fdd42bf68259969934b78947d7c4fdfc6bc56ea78056fe92da8cdd4201219c9275a25b

    • SSDEEP

      768:xSS3Wzuxhk2I69ha2v208njKP2UnNmco1/NQAXkFlEhQnuWm4:cyUwhk2I69riKP2JNvXk5nD1

    • Score

      1/10

    • Target

      bderepair/configmanager2.dll

    • Size

      693KB

    • MD5

      201b8c59d439148a1f1e954500552f5f

    • SHA1

      57e2f88e0b7760dc43b5ce70bdccf8a4109b8907

    • SHA256

      d3729ec06130b04587161f501161bdbabe35fe8fce55ebb2a2ef55eb5054a7ea

    • SHA512

      1ccd419a1d01884913ca589188e745c6618e0789bc7e669c0f402c2d46fe40436e5abb542165fc8f66e8c220eb0b86b79aebad4f6158e4b46647a79a551b5794

    • SSDEEP

      12288:77LfGgNuZ1k4tEo3QzTceCwEx7D2oKoXIUL2RtCrOH62iPT:77L97ZY0Tceex7ihXUtrgdiP

    • Score

      1/10

    • Target

      dxilconv/HttpsDataSource.dll

    • Size

      328KB

    • MD5

      00f9286052e0719b71919173e0767556

    • SHA1

      30317f500ad86a80c1bde51c8183e67c9b882544

    • SHA256

      50b804e39a31c19252cc7b1597a3dd579ac37e4daa3d75db0925f8ed716fc59d

    • SHA512

      a2dc3cd10e20b66dd98b99aaedd35483273e8fe1949487870e8dce704c7bf4a61ef020de7ea243bb15f1f0fab5aba1b92211b927a65babbb712b0085fbf58958

    • SSDEEP

      6144:AjN7gysDnDSUwJbLqOoum8m2DX0M3rqp2NuBw/+UuoLvx+fb/G:yODD2bLqOoT8xh5uBw/+YLvx

    • Score

      1/10

    • Target

      dxilconv/HvSocket.dll

    • Size

      44KB

    • MD5

      871ca2345825e86d1d2d2a2e9e475d4f

    • SHA1

      31d27264fdc541d148a88848ed64d83928f1cb28

    • SHA256

      4d52ad5075b4d06287c375c1afff17b0cbb2df0c2b45ba97c25bca3170b9bd97

    • SHA512

      ddc4bced3623deffe3c5c2a6c99828a3cfb6a5a27a7a6a46ab767e7d9deb639ff32e2ad50cda9ce58587554d54b5ebb78e711732950d9122d536f0945aaf5bd9

    • SSDEEP

      768:SXGpHp9aP09Xnc+BifZMxzsGMVYFZNLmowzW4hIBnQr6wD1P73s90:SwP9XnLEfasGM0ZVnw6QIBnePI+

    • Score

      1/10

    • Target

      dxilconv/dwmscene.dll

    • Size

      2.1MB

    • MD5

      9f3fa96f301cbe828aa9e98f13506f4a

    • SHA1

      d37dad62902459cce1fc3a33f069a4d07dfa492a

    • SHA256

      0986c7ed3af3f1b5d1e01bb85eeb6045c3b7f34a8be1300ed48f3b8e36a8037e

    • SHA512

      2a87d19bb7505a9e0af315c1b08b08528dacc0c73076246a9c6666fe60e08956f28ec10e8d3c60e160600544915f1e337d6ff235d725398c0a7377b9c06fa079

    • SSDEEP

      24576:EVeqFAyNs2oBJjFGQn8zXSWe0/DEZ2Q7XIvG66AreJhjq9xpW7lNgQX/6rnqL+9:EVeHv7sQn8zX1eH2Q7XIvAANQL+9

    • Score

      1/10

    • Target

      dxilconv/dxilconv.dll

    • Size

      1.2MB

    • MD5

      d962a6d5f88db0b8680e4b7f433c4160

    • SHA1

      60fdbe14063b3fa5062eb7d53ae2b405657eb94f

    • SHA256

      4c00ef7890a706dcdc84804a1eff8cd69f029d549e68b3dfc8afe2da7bc43e3a

    • SHA512

      5dd5a91d06aee42fc5c734a5304560cb1a7ff934e323a70fc06b1f360d056548951f0800a6715d23c7cbb761886cffc850e814f9eac268b8ffa997cec2fa4ad1

    • SSDEEP

      24576:iCtQ1nQxWmjWsZW8rZHY7HPAsjyIgfYAqTOkAEEA:VC1nQxWmjVQCZ4rPAsjp1AqTOTEL

    • Score

      1/10

    • Target

      sbeio/AppVStreamingUX.dll

    • Size

      191KB

    • MD5

      c14173bbde6406a790c8ffabbd5d0866

    • SHA1

      fe5391df0395fe4c3d2c91e3e15ca0c33fda4d55

    • SHA256

      23ed1c7f0404ec7d450d3df9cd94de91a676f1b4038aaf27189523ced4e5d260

    • SHA512

      4dd0c32eef57d4896e323c78bfcec7da6f8fd90f830cbcba7ab5c2a9f898992131556bbca66c212a43c04a6e9e88d34583eed0c153c8a4972aab75d6b059aab0

    • SSDEEP

      3072:4HyExS4WkVlEEQ1Fk6rJ6Pzwn2z5sWGNU6ITLJXWKp0b59:4SbrJizUWGNU6ITLJXWKpQ

    • Score

      1/10

    • Target

      sbeio/aadauthhelper.dll

    • Size

      477KB

    • MD5

      a19703831ed4c8bf3ff5c6e5d752a0d1

    • SHA1

      1954de5abb7488262a4b55b82a85cc86b068f4a7

    • SHA256

      df02a0525603ae811a24402eeea6f6d7fcf1a5a9ad7218284d472bde3ee33705

    • SHA512

      135035c58524e74234b19cce39643ed15d4953cff2e3b1575dbbb997d9492857db1e8af5c8480393608500e26c1e776f233502a4076dded5b409d554473fb21b

    • SSDEEP

      6144:c2nN3Y/jXjXliCSGd7N+ipH+ph+5BfU9Nq1Ce3T/bSSAGQikb/+jKY:c2nNE1iCSGispAGVk6r

    • Score

      1/10

    • Target

      sbeio/sbeio.dll

    • Size

      193KB

    • MD5

      179ab2ef9eab65e2a7b53c17e02e796c

    • SHA1

      99c45898994d8caeee1d1e8f0a6e0c4a85ad2f38

    • SHA256

      609be2915d4f32317999c56b69d26c463c62dc6795f5ef2687ca16784e838add

    • SHA512

      76cc509aaa87e195307f184ed117b2933bbf0cd723d54edb453387ecb8a13869907a404afa40ab80cebbf15389d2d72e5dd9eaa2dc0dda6b6634f3a637cb8122

    • SSDEEP

      6144:c9ZbFbEAADzAdx5N+O/v3PbTuBCEpzxOK9J:c9/bETzExz7PPbTuBCEptH

    • Score

      1/10

    • Target

      setbcdlocale/SensorsNativeApi.dll

    • Size

      71KB

    • MD5

      3871be4d3bb1244d9d296a96bf10f4a0

    • SHA1

      094c6b8a9d0344e7861f77cba2f78ae20dc951d7

    • SHA256

      c95f24221bfc9013ebf65a696febefa7db852ec5f5b01ae437228ff623d14fe0

    • SHA512

      26d36b1ff66ff00d055f1527125def16eb070a2ecac23ee974c9bea6adcfb6b782bdbdc1e7f624227df04f1c3e7562fc8f72e646dea1488cbc3491757232f32b

    • SSDEEP

      1536:QU2ujDhdHzYGxWupWxURMLhDhvsP73zOS:QUfdEupW+RMVDhvsbx

    • Score

      1/10

    • Target

      setbcdlocale/Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll

    • Size

      166KB

    • MD5

      5d09e83e8d03f9f606bda2663038299a

    • SHA1

      8c1b9c12a0c124b31eaa1adc8ecdfdcb7230c7ed

    • SHA256

      f427b5e0daf9d8820335e5030a751383b0a6ec65771fe0d55f72aa8d29d94a57

    • SHA512

      8b30452f20de244b00955a42888346b8cb8b5897439c347b15210967a9c8a3a4975bea7d3952bae68b39812fa5e257c99678e64c1b5ea3f07a68aa704c103a53

    • SSDEEP

      3072:OTrt+f33khxT6xBh/Uj2mOiY2czLmCdjlCQnUw1o+PcDQT+9SGf3Le:crS3+YXibOPalf3

    • Score

      1/10

    • Target

      setbcdlocale/setbcdlocale.dll

    • Size

      90KB

    • MD5

      05cff15ab2be64cdb74c1a542802f7bb

    • SHA1

      365064133164b804317734f29e503749c5be0791

    • SHA256

      6f4a4f78ed11823f45fe9efeab507cbf8bbd90a415cd4151427b071ecc576dc0

    • SHA512

      d1cc2ce594f1c579a77b9f1fb390569c1ddf04f37051a5bd129d92cc6a17e87e731928474c711976f32e8cf76ebe2e9e9043b72e1ea44d4f946d1164abeb9e52

    • SSDEEP

      1536:sZ+jo1g3vZsHqhPqnGSRlpgCPcm68OXvYj482yt:ToOvdNitlpgCutvYk82yt

    • Score

      1/10

    • Target

      setbcdlocale/windows.internal.shellcommon.AccountsControlExperience.dll

    • Size

      88KB

    • MD5

      d53bf893c4db9d7d91723d2ec66c111b

    • SHA1

      fdfa9eeba6cf238518cad9dd63e1708a217adf6a

    • SHA256

      9ada752a5aa2b7e6b97f7911e8ecab58f5dbe54f149e163ac004bdaec7e8b83f

    • SHA512

      ac3d7160028faa5f4434d7752dca674db3cb1a326ff8a8af8bb014fe37534d8c1917c19e70f022b74653d8ec55bbf6f590e440407dda3ebbfaafb503157777d8

    • SSDEEP

      1536:OYWoMuTMoqO01IN333g2CGzFRV+aj3z2vQQguKkpmeqf+wU9mcorP:PMBG3htVX2vrguRArf+j9mZD

    • Score

      1/10

    • Target

      user32/mfc42.dll

    • Size

      1.4MB

    • MD5

      cef028db62cb1e5678216f2a8eeeca55

    • SHA1

      17c9a591b776af82ea783c2877bfe7c33023897f

    • SHA256

      44fe9f2027556d31177651990dfc56d49058e09983e93b6f656e79978328d350

    • SHA512

      af31fda553437dcdcddf9421f267f09bf98ac0b66e000f72a32008c6e53c15fd233e8f9564c0df68d2795959eabad4a88f49b30f87c4f29aaef61005d978e148

    • SSDEEP

      24576:q1WIhuQ3fkW9Xy/Vu8xk9m0hX+M4gLFtz8C1y9/+:ehuQ8Ju8xk9vD4gL/V1yW

    • Score

      1/10

    • Target

      user32/msvcr120_clr0400.dll

    • Size

      970KB

    • MD5

      99e982747b36af703209b734d9d05263

    • SHA1

      c889d6646d7c33fb108e2719875c5f4c49a6b0c0

    • SHA256

      17e09579c756d7374dea79969bab36d3d9257d4d51aa1934d2db1be374d9a425

    • SHA512

      0320201088fbea857745c25512c7840dfd375f56a4bd881cd3910de7e7aee58309f84450796d098bb4754b6ba6ea1409ec58c4e44c264384459be077f2bf6a9b

    • SSDEEP

      24576:JZW0xZ/BOwDlQcUHGOdrOhO+LwRZkUTotQmWym5/:JJKKs/d2O+0IUEk

    • Score

      1/10

    • Target

      user32/regsvc.dll

    • Size

      168KB

    • MD5

      844cd16309a20424f3ffab15fbc804ad

    • SHA1

      be29e124de1fc11f99756170350f7ba972235288

    • SHA256

      5fa4008b965632f8cae398e68e9fe5797b25bd1cdd70df5e3714a3eab5a57e40

    • SHA512

      1de36160c775f50c35d036bcc039a844c0e570044af8de161a9d6268a7fce648f7de7746367cb1abd4f392b5dbb1ac57dd9b6ba9b56fff4065e2b61e26bd9388

    • SSDEEP

      3072:9J/Vjliio48xo5l75uZRYcXc6kCX/Q+Bs86GaT:9J/eiz8xgcXc6m+y/G

    • Score

      1/10

    • Target

      user32/user32.dll

    • Size

      1.6MB

    • MD5

      b8c99edb9d88bff95f742aedbd86150f

    • SHA1

      2bcf5881c4e956c4699fa25acd520192ef65a553

    • SHA256

      f37d36b88e2f48e9ff442a7031968e110ebfa106e0413957a81d9aeb16d44c36

    • SHA512

      ecce1009f795f3da8c96630d52171b8e61b3ae88a030940fcc2c9422cb7ab33040d6ba712e764e9483cad6f9f412ef92e19392aa483e0a9c91d09561ae6b38c7

    • SSDEEP

      24576:equmojaogYQIA4woguth92xePIkvMGWiOeJJBwuCx59U4IgL5pX:1zogYQIA4woguIxuvZWrAJBwuOTU4IW

    • Score

      1/10

    • Target

      x64_installer__v4.6.0.msi

    • Size

      34.2MB

    • MD5

      5272795582402dccea775dda61760529

    • SHA1

      2209ed8723742435012e1c500f6be10c8ffa7d16

    • SHA256

      c07ec4e1dd259f87f4939864be906470f912253e026d48980e05fc059685ca03

    • SHA512

      31eb5aeddd15431c29248589de1291ebe7dcfb88639c412fc886cd9726c3a1be90cdb4c29f83966c0427cb43120debafa5879f5e01bc8d258339e12cfcfea988

    • SSDEEP

      786432:et9FUyTDXySTjxA4Ztx2+G+N0WYQYBXPByttH+dktHEDv0y6VJy0o:et957xVLYjsp+ikJ6Vho

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
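The "Enumerates connected drives" signature fires on attempts, successful or not, to open the root of volumes other than C:. The page does not show how tria.ge implements the check, so the following is an added example of the same heuristic applied to a file-access log, not the sandbox's own logic. The log lines are constructed in the shape of a Process Monitor CSV export (Time of Day, Process Name, PID, Operation, Path, Result); no real capture was used. Failed opens (NAME NOT FOUND, NO SUCH DEVICE) are counted deliberately, because probing letters that do not exist is exactly what a drive walk looks like.

```python
"""Flag processes that touch the root of non-C: volumes, the behaviour the
'Enumerates connected drives' signature describes.

Added example, not tria.ge's signature code. SAMPLE_LOG is constructed in
the layout of a Process Monitor CSV export; it is not a real capture.
"""
import csv
import io
import re
from collections import defaultdict

# Root of a drive letter: "D:\" or "D:\*" (the wildcard form a directory
# listing uses). Anything deeper, like "D:\Users", is not a root access.
ROOT_PATH = re.compile(r"^([A-Za-z]):\\\*?$")

SAMPLE_LOG = """\
"Time of Day","Process Name","PID","Operation","Path","Result"
"12:00:01.001","msiexec.exe","4120","CreateFile","C:\\Windows\\Installer\\MSI1234.tmp","SUCCESS"
"12:00:01.002","msiexec.exe","4120","QueryInformationVolume","C:\\","SUCCESS"
"12:00:01.003","msiexec.exe","4120","QueryInformationVolume","D:\\","SUCCESS"
"12:00:01.004","msiexec.exe","4120","QueryInformationVolume","E:\\","NAME NOT FOUND"
"12:00:01.005","msiexec.exe","4120","QueryDirectory","F:\\*","NO SUCH DEVICE"
"12:00:02.000","explorer.exe","1888","CreateFile","C:\\Users\\user\\Desktop","SUCCESS"
"""


def drive_root_accesses(log_text: str) -> dict:
    """Map (process name, pid) -> sorted drive letters whose root was touched.

    C: is excluded, matching the signature text; the Result column is
    ignored on purpose so that probes of absent drives still count.
    """
    hits = defaultdict(set)
    for row in csv.DictReader(io.StringIO(log_text)):
        match = ROOT_PATH.match(row["Path"])
        if not match:
            continue
        letter = match.group(1).upper()
        if letter == "C":
            continue
        hits[(row["Process Name"], int(row["PID"]))].add(letter)
    return {proc: sorted(letters) for proc, letters in hits.items()}


def report(log_text: str) -> list:
    """One line per offending process, in the style of a sandbox signature."""
    return [
        f"Enumerates connected drives: {name} (PID {pid}) read root of {', '.join(letters)}"
        for (name, pid), letters in sorted(drive_root_accesses(log_text).items())
    ]


if __name__ == "__main__":
    for line in report(SAMPLE_LOG):
        print(line)
```

On the constructed log only msiexec.exe is flagged, for D:, E: and F:. A drive walk by itself is weak evidence (installers and updaters do it for legitimate reasons, which is consistent with the low per-file scores on this page), so in practice correlate the hit with what the same process does next, such as file writes to those volumes or the network activity the other signature on this page records.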

MITRE ATT&CK Enterprise v15

Tasks