General

  • Target: CoreKeeper_Fix_Repair_Steam_Generic.rar
  • Size: 10.4MB
  • Sample: 240905-w9zj4sxgkg
  • MD5: 60a1b4df8e17357383f632acf7c33405
  • SHA1: 65f81d71fb89ccd386c553757c566ab1b662479d
  • SHA256: 2c9ec82181a92a3b86f25a048d0257836ab8b2b441bff186215f5cbab8e3a33c
  • SHA512: b3b24335ed4c82ffad77dbd120ed9e28a53417ee1dcb3208f9f21b944c1b719b1e1cda0254a6beda4df0c336400ccdff1a66800bb002e1f3b901325c30729bc0
  • SSDEEP: 196608:YVz7LgmY3EzCNUiTDQQqoCGm3aZ6XPF/SfyqLoVUfddB:Y50mU6CRXq5GUaZyhPq8VU1dB

Targets

    • Target: BepInEx/core/BepInEx.Preloader.dll
    • Size: 42KB
    • MD5: 24e30ee42802145447b474613f66c376
    • SHA1: 096810482069885b56fa430f7dfbcb77506f086d
    • SHA256: 9a7597d16bfc1d2564c6c1168fb077443155946b66f2041e1d1cf9548de210b2
    • SHA512: 3cbd64478650c1093e9c778408291d9184a84b5190e2d540060faf112b68feffa2d90a2fb97e82f586b40fd85ff60c77c780adf6f867a591a3c068be3718c0bd
    • SSDEEP: 384:2MEBj+RTLt5m7jJQNqgXnz2pxZqf3mjE7EP/QvlGM/3G3kDH0nMxbdgRwe5Lybru:vRwJxMejEAPMvGjgbVoLybr6csQp4
    • Score: 1/10

    • Target: CoreKeeper_Data/Plugins/x86_64/steam_api64.dll
    • Size: 291KB
    • MD5: 6b4ab6e60364c55f18a56a39021b74a6
    • SHA1: 39cac2889d8ca497ee0d8434fc9f6966f18fa336
    • SHA256: 1db3fd414039d3e5815a5721925dd2e0a3a9f2549603c6cab7c49b84966a1af3
    • SHA512: c08de8c6e331d13dfe868ab340e41552fc49123a9f782a5a63b95795d5d979e68b5a6ab171153978679c0791dc3e3809c883471a05864041ce60b240ccdd4c21
    • SSDEEP: 3072:504VEQ2u/niy9UVLCe9ZqdrP+VXvv+sJYB2RHKBi65lhTbCc+hnvvEyP7yq+uei1:QZu/i874ZcrMv2cRh7yqO2CPLHxYq8/B
    • Score: 1/10

    • Target: Custom.dll
    • Size: 265KB
    • MD5: a29fb1e1d4b54b1ba5ab1691e99c77a1
    • SHA1: 224567640f82d14c690ac30bf2fa678e79cb3559
    • SHA256: 5adfd3bc6fc10f60905f00c31f2b49c3899e1f60b5e47b31309c592b39d9b40e
    • SHA512: 574fe61713be270fa4d0fbe3d9c4c48494b446179fb2bca27ccb3a97d0a54269ee3b5372d79058060e787f5a1aee871cbcc348a12c1f02c02e09a9a2aeb2087a
    • SSDEEP: 3072:1lnJNBhqVKNAX82IuXJVVfubwt7wpTF0nn4VlY+w/ELRx73ZGqVCrnyEEDgRcWz6:DJNobXh9uUt7cTmn4VlYcx73ZOzosuW
    • Score: 1/10

    • Target: OnlineFix.ini
    • Size: 687B
    • MD5: c878eaba3c3b7b5c3275cd7c3d5ec17a
    • SHA1: 7e86e7f7f2e2c6594b04cd8dc665905a1e79a6f1
    • SHA256: 3768ca8cf2abd53e5429ce22201116a7a39b772327cd1a585e32839810ceb746
    • SHA512: efff96e4819d58596b155108c4df0a1600754ca2d18ede17ade80231651167155fa6de0be698b57b61cb81d4f59ef628815838e8c5b0dc9f03bf8fa53e3c2a7b
    • Score: 1/10

    • Target: OnlineFix.url
    • Size: 46B
    • MD5: 59bf167dc52a52f6e45f418f8c73ffa1
    • SHA1: fa006950a6a971e89d4a1c23070d458a30463999
    • SHA256: 3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
    • SHA512: 00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
    • Checks whether UAC is enabled
    • Legitimate hosting services abused for malware hosting/C2

    • Target: OnlineFix64.dll
    • Size: 11.5MB
    • MD5: 8757f3d993ee2c707fd3bc2ec9ccd91a
    • SHA1: 2ed7a354b86539818f1e841f849dc2c35ed4b500
    • SHA256: 76a8e2d4630a8e3a6914ab35f4ba4c105943c85bcd4ee327b43a976a78fdf8ee
    • SHA512: 606c903bd2623705e8af207d4ba4cb70a3e601fed6d91155aa7af1b26893d6aae4a4499321e2ba6d2db3493a9c58c74cd977aa01998b378793e200629ef7e983
    • SSDEEP: 196608:Cc5tN8DOlWKZqI7x68n93H3y1dvCmlHD7CzLD4txdxlEc/HiYDxaVZ477:Cc5P8DOlWMxLnBH38CmlHD7Cz4txLBGs
    • Score: 1/10

    • Target: SteamOverlay64.dll
    • Size: 114KB
    • MD5: 0a5429b888c75f6525e1100e32dd2b69
    • SHA1: 8ae224580aa0838a7b1570c79d4d8f27a1b46d19
    • SHA256: f784b4b85b627c7ea541bd2a90c9fc6e9736a0731707c31265aa86fe684dc2df
    • SHA512: 5f77ac9619ccb5baebabb2e406ce265148ad18c6e1162c7d4c3a5656f38abedf90f756a829da856312689a738a3258382f37a279843bf7db0c14ac953c6992ef
    • SSDEEP: 1536:h1iaPnCtV4+1/IGiaA7bSMhP3rOy843NxnpWJtRsWkd09dl38s6BtcBRXh4:h1iaPn5+uGi/7bpxaX43Ni3aMLJB1h
    • Score: 1/10

    • Target: dlllist.txt
    • Size: 198B
    • MD5: 90876b772c475a69c7251e985300f1be
    • SHA1: 1c2a4e7fc63dbed25ccba2659ccf2801899b1c59
    • SHA256: f1b85990e5a5d0db0dce85eaee84c8983ebf424cfccf10eebbc8b2200109f8d1
    • SHA512: 255aa00034e2b63e03c7def5a32fa8989ba0bd8166dac50e54e5f00cc58ca758c217c964bd9937cacfcd51beffdfb6af9ac87c57a97ae5a6b3560a2b48dfa44a
    • Score: 1/10

    • Target: winmm.dll
    • Size: 512KB
    • MD5: e59aac558d9f9c5d1312ac24d09c51d5
    • SHA1: 2f11c4b00f5f92d4466348f9501aa657c9bf6fa7
    • SHA256: ba37009eef6c041bc6d0a271c13679fb9e14a005bd7e038cee596cd4064cf8b3
    • SHA512: 1c3b357074d62d5ca11c92d71ffdacb4a7e3d6fb17cbd4b489e5bea0032cea43650a6809388e98e4b98256b477c6b5dbd8fd2c7f4e3e08af00ef68e0ed4406d0
    • SSDEEP: 12288:XQxOD9ZC0WKOy8zMtJKpBmpMgBNwQuQmMzWq0hNwnoAZwl:XQxOD9ZFKpB+N7JmMzWq0hNwnBZ
    • Score: 1/10
