Overview
General
Target: AYSASOPTIMIZATIONFOLDER.zip
Size: 169.9MB
Sample: 240906-1cntkayepn
MD5: 421fcb07f4a37e556778ea2f9b3ee0b5
SHA1: d7317d634244ad3689f89df4933206e3e678fd60
SHA256: 4454d5fc11bafd948976ffe7232f0bd34e84e8ab4d8991abea1073c22478b33c
SHA512: 0493e332097750dbdc203b13d5a807ab930231e7a27fad52b9e1fec778a3833b94d2e18b3a11fa7e94d9e5f2d2458420f6ffe7f47920e62fe98cfeb3c3dce513
SSDEEP: 3145728:A31bvdKTA0F/hBvdtNm2Shp4mCj/pXuEtZYnu1UPfD+7vKaLUpS2rlY8C78RXsyk:A3hvWnJBvdtI2+p4mCjpT11U3K+jS2lU

Behavioral tasks
behavioral1 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe; Resource: win7-20240903-en
behavioral2 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe; Resource: win10v2004-20240802-en
behavioral3 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe; Resource: win7-20240903-en
behavioral4 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe; Resource: win10v2004-20240802-en
behavioral5 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe; Resource: win7-20240903-en
behavioral6 - Sample: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe; Resource: win10v2004-20240802-en
behavioral7 - Sample: $PLUGINSDIR/INetC.dll; Resource: win7-20240708-en
behavioral8 - Sample: $PLUGINSDIR/INetC.dll; Resource: win10v2004-20240802-en
behavioral9 - Sample: $PLUGINSDIR/LangDLL.dll; Resource: win7-20240903-en
behavioral10 - Sample: $PLUGINSDIR/LangDLL.dll; Resource: win10v2004-20240802-en
behavioral11 - Sample: $PLUGINSDIR/System.dll; Resource: win7-20240708-en
behavioral12 - Sample: $PLUGINSDIR/System.dll; Resource: win10v2004-20240802-en
behavioral13 - Sample: CPUEater.exe; Resource: win7-20240903-en
behavioral14 - Sample: CPUEater.exe; Resource: win10v2004-20240802-en
behavioral15 - Sample: Insights.exe; Resource: win7-20240708-en
behavioral16 - Sample: Insights.exe; Resource: win10v2004-20240802-en
behavioral17 - Sample: InstallHelper.exe; Resource: win7-20240903-en
behavioral18 - Sample: InstallHelper.exe; Resource: win10v2004-20240802-en
behavioral19 - Sample: LogViewer.exe; Resource: win7-20240704-en
behavioral20 - Sample: LogViewer.exe; Resource: win10v2004-20240802-en
behavioral21 - Sample: ProcessGovernor.exe; Resource: win7-20240903-en
behavioral22 - Sample: ProcessGovernor.exe; Resource: win10v2004-20240802-en
behavioral23 - Sample: ProcessLasso.exe; Resource: win7-20240903-en
behavioral24 - Sample: ProcessLasso.exe; Resource: win10v2004-20240802-en
behavioral25 - Sample: ProcessLassoLauncher.exe; Resource: win7-20240903-en
behavioral26 - Sample: ProcessLassoLauncher.exe; Resource: win10v2004-20240802-en
behavioral27 - Sample: QuickUpgrade.exe; Resource: win7-20240903-en
behavioral28 - Sample: QuickUpgrade.exe; Resource: win10v2004-20240802-en
behavioral29 - Sample: ThreadRacer.exe; Resource: win7-20240903-en
behavioral30 - Sample: ThreadRacer.exe; Resource: win10v2004-20240802-en
behavioral31 - Sample: TweakScheduler.exe; Resource: win7-20240903-en
behavioral32 - Sample: TweakScheduler.exe; Resource: win10v2004-20240802-en

Malware Config
Targets
Target: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe
Size: 137KB
MD5: c81197ee2433d30c1731b2ddee8ae67b
SHA1: 2a4fe29f28443936fbea66855c489098632f886c
SHA256: 055425a39ce8e766055ee2de3f4cee1714bca31f274bf0c9f658009f551e9e73
SHA512: de1ab2c2cc47c058fd326ffe5f4cc9fe4b42b1407ad20c70138a34db92b17bd127021f3a50b2ef8fe15d3ac81d47ed0a2e2e91957850720215e05d1c8030b842
SSDEEP: 1536:9qStkJ2I0E0Rm1qplwjQ5V/Eg78OJExsmXNe3az5U9zSaXUNpUvblnPnEyAU:nQ2I3PKwcDEg782E6+N75U9zSaX6IEc
Score: 1/10

Target: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe
Size: 299KB
MD5: b3849adedca497a29e4b1a13f6851d45
SHA1: 38438d73c378fd410d8d51ee954231f73ce9aa1d
SHA256: 00a7c7b88877bf59dbaa70de734fcd3f287f1eb92caff4571a4c8e67a5dc0aca
SHA512: 9fd6df7f1173bf8258f54d9153505dc648dd7a8b99e4c995ebb37965795d8467dd560beff035c2d33d0a047a43c280b4fa22e7fee019767e9190453c7769a425
SSDEEP: 3072:/3epwRoNb3H6oy98nu6zp+4uhv9UKBLk4TZKVLIh0MRtcwuKohGjBf8i3Jn:/8eso8FnqSKB1K07Y2eun
Score: 8/10
Drops file in Drivers directory

Target: NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe
Size: 2.5MB
MD5: 4efd7509873a6dba9db17c99702f5a7d
SHA1: 89f4d8aa3b6b02d0c0250580b9e39761a3d593c3
SHA256: fb00ea98cb78dcb72e3c95a3665281e213527f54a91ff485969a43be9651577e
SHA512: 2b1b057d5a42492138d704a72fe84c79d2348b79930cc4ccbd83fb1a375b28a6b90f1be882530948d4e5ddfbec11d0edf0e5a6323966d67ec13b584ec5abb039
SSDEEP: 49152:I68Sr4seByNJOdAZHxKU3z9ljajNP6zuMH7fZPuVd8i:Iir4seByXnZHxKU3zPajNhMH5M+i
Score: 4/10

Target: $PLUGINSDIR/INetC.dll
Size: 24KB
MD5: 640bff73a5f8e37b202d911e4749b2e9
SHA1: 9588dd7561ab7de3bca392b084bec91f3521c879
SHA256: c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
SHA512: 39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a
SSDEEP: 384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
Score: 3/10

Target: $PLUGINSDIR/LangDLL.dll
Size: 5KB
MD5: 68b287f4067ba013e34a1339afdb1ea8
SHA1: 45ad585b3cc8e5a6af7b68f5d8269c97992130b3
SHA256: 18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
SHA512: 06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
SSDEEP: 48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score: 3/10

Target: $PLUGINSDIR/System.dll
Size: 12KB
MD5: cff85c549d536f651d4fb8387f1976f2
SHA1: d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
SHA256: 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
SHA512: 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
SSDEEP: 192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score: 3/10

Target: CPUEater.exe
Size: 484KB
MD5: 65a1d58b8a9129f69073b4997fb494b5
SHA1: ba9f7f75c9ee5ab0ee6052a76b46b3e851ff966e
SHA256: dbc5334e06291fe7970bc86118ef393428d70765afc409af4184b0ccd7d7c796
SHA512: ede81447dbd8a2097e7e69579f3fdea8583b342bc475f80982a90a262846b943c48e133ad930cdaba6682760c532bde11c550da76d4f50bdd1895a40ed546d77
SSDEEP: 6144:FJWlpafqCwll1Ik4k5w/Fj/l4lvjlkdQvtIIK5UDEeBxhLX:FNfqR1d4k5OFjajlXtTK5UVD
Score: 1/10

Target: Insights.exe
Size: 750KB
MD5: e825bb27108035adda9c27815fb1adf5
SHA1: 0417a261d31f485fd510b4e737636401140bb4e8
SHA256: 7fed9370ce18f5ca8b3f8bbef91ac04c8d3f946836a1185b3077f396772621ab
SHA512: a7572ab7395f7cfd267a61687fcd1ebdfca1e3f322550c1631d251c9eb8518f653b72aca7e70f46eacf795e066b2d66b5860424da349c0ee74b0b9b6b0bc1bde
SSDEEP: 12288:vsfeRpOSZXtAOvd0m3+p8Ly16/sJKGHx6:0feRpFtAOvr3+p8LyIULHA
Score: 1/10

Target: InstallHelper.exe
Size: 764KB
MD5: ead091d81ec9453dd8bf4d8b65b4644c
SHA1: 8278e562f0e156171bd57a95f265da66bdca01a4
SHA256: 90f9a6e4e09d0ad7745e74fb70198ab82bbd6621ebcd3eba1a511850020bc989
SHA512: 37c7b0397faf5ee49fe4080c02a1e5362dc00a0cca986461f5ec798ddd8fa2ccf04f023af15b2043bd4361fd10c16082189e865c03547964565f78c593ae1f00
SSDEEP: 12288:PnKSfbOSYCQsHi2+NgaxZfWuzJxfeQXlbSKGc:vKM7YCQsHi2EgaxZfWuzPflbsc
Score: 1/10

Target: LogViewer.exe
Size: 857KB
MD5: 1fa9ee2976c9faf43eb109ca380a4899
SHA1: 9f7bcfe0f862f1c60093d51ac146546424e44b65
SHA256: c21f257bb257c79401352e59e69db920ef87915feaaf2257afbf919c42086e8f
SHA512: f16f6eed01c69097c38f8e753024edce5e2c151d572ba442335595934e72ace89da5c388012ede31c5d2aa8bfb3e4018659e7064b1cce373a2ae23da8e1cca8c
SSDEEP: 6144:z3iuBkOY8B59ASUsJHj1HMFdtX/jy+/6WOhVTgvBZOB6csuAPjNqXXB6uAPUFBmN:znAQ16/jy+/ogZ4B2u1XB67PVa8OGx
Score: 1/10

Target: ProcessGovernor.exe
Size: 1.2MB
MD5: 30d0346a2c71530eb3e9d6711af2fabe
SHA1: a0c80c6a2973d87f119c211fdc9d7a0a03aef3f3
SHA256: 3151c4f9f9b328841b7b8acf78e7aa9cc200ae51fed88affc9a2dd0c8c74e417
SHA512: 1805ad082bc4c4857224f3ca234de799cf7347864a584a36fd23348ce831aa2e9781e96347eaa1383b643c12f0c7c02c2940ee770c18cc7a930cd15b868f0405
SSDEEP: 24576:mrLwE1K8WYVCtOH+BdTzhXgXqNvCyaulh9srcYD:MwETWgaOaNqyaulaj
Score: 1/10

Target: ProcessLasso.exe
Size: 1.8MB
MD5: 7ad00b88f224108c8f28e65698844a63
SHA1: 2b101ae272c02c15c3048c3dca1088e67bf83862
SHA256: 11b92eca6aaf291579aae4266fc45340aef19233a461798aaf2939d7ac2b2605
SHA512: fc58c2307c5cfd8d8e302e4fb6bf7aeec94bb30b46591e4598809f81b889a8b3295e9d341a331f789003a947973f145ab97c380d37c5ce91d333f0f5c352e4ce
SSDEEP: 24576:yLyCSyM2YvYyC2gnyR3g7nVNHKpOH+PnC/nG97+N1p2E22r1STBvXVJcFJ+S7FEd:yu8CgnCg7VN+C/z1/RSFVWp9Mf
Score: 1/10

Target: ProcessLassoLauncher.exe
Size: 397KB
MD5: 0271f3b6fcb68f9d2d02957feecbab39
SHA1: c1bee1c29b2058a4c98c8057370c4beb93372233
SHA256: 046e04a71622e7cd87e6c34259c48dc36f173f864c3986cd9059709a7d746b41
SHA512: 040b423649a7356b2664132dc791d5e63dcba4ed72d2423237714544a435e523cc9b33c0c9e3bdd6c7fcdf8149560f48441102748b85e302b4a7d56545dfb80f
SSDEEP: 3072:q1hBjA8ZOHWQ97VpEwYNY/SooDlArk7HoZ7WK7T1YP:OhhA8IHW2VWnAr7WGa
Score: 5/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: QuickUpgrade.exe
Size: 470KB
MD5: 06c4fe95b2ac2a6b334dbbd795fcee23
SHA1: 5a58f4866fd38dacf198943883cf894d079fd7eb
SHA256: 322410618f06240a9a7f6e853385fbb4ab6dd191f40a79c10ab059d369e3a625
SHA512: 0d1d5e534061a94ef7d0a275908f4fdf41c231e835673a07d9fd4a355f155348c02f7f7a39c5b7752f1e07d473e40a9d207043ca615e4cb3ae56fc0460a10e8f
SSDEEP: 3072:8MlF9kZSKyI9m1+rxy9dTDs/ZR1ctUA/86KF7HEG+qMQOrUsLVtPk7HoZ7WK7TBR:8MlsT9u+ty9xElcyWK+OKfLP7WG4
Score: 6/10
Downloads MZ/PE file
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: ThreadRacer.exe
Size: 534KB
MD5: 1b53625cf9df5b8b5b0e3b07a4ad0436
SHA1: 5980a6f8558c1d6ace9b292bfbd0f0f55271b407
SHA256: 015480e8443c56f5562fc29830a594676526c1b15c606e202f9d51029a64ef47
SHA512: ab8b1a716d5cfddee599649b3de869d512ed5202c4e08353fdbfa50107f912c911963e8ecd38b221ddb40989f3aba58796477594d197c4c4896962e340ea0c77
SSDEEP: 3072:APO0Gp8YiDjWgjDddsuUckNJktwzp/i5d03Q2hc6VEpjbgtGjv/AsGc6/cANCMkG:APOn8Y8NnaeidAdYHRVEpGpcANd7WGxb
Score: 1/10

Target: TweakScheduler.exe
Size: 619KB
MD5: 763ea87e142c4eb38804a05f7b31a423
SHA1: e38ef8bf61df89dcd9ea4ac1453eac225efa1ae5
SHA256: 6c7454cc3047d9d90bc53f65dde889b49ea8a7769c577cc326e19643fece275a
SHA512: 19ee80fda25939506c51b2b1007dafc3c1bd566e6aac80ab3827fa3e39a9652c08403773dbdca69b6fbcf3714b3aaaabd8f09548a3799f779c2141919ed208d7
SSDEEP: 6144:Hgvo9kk2z8iWNrJLMy7tIIpM/JZdbjKYop1qtWzUpNfVvOtxOVxaY5:592z8JfNNMxZdbjDofP8NpsY5
Score: 1/10