General

  • Target

    Hyperbeam Setup 0.22.3.exe

  • Size

    64.8MB

  • Sample

    240906-cv9xra1fng

  • MD5

    ee818d25da7dc81da07de994c16e47eb

  • SHA1

    530d4211ace147d5d4672768b480ef46a0a88294

  • SHA256

    7554ddb13cc50c4f95a64e655b0aec126a2a6d6073cdea6305efb00a52e4d4d1

  • SHA512

    f89066b6efdadf834e3aef32a7cb14bb4c032aba9811717215da61f8de1bbc114e01be98829e80b099ac794f63fab28cc479405d70311e2a3769298af10e99b7

  • SSDEEP

    1572864:qWNtTIQ3bcG8yb5D/HVI05Op7rYzmumHX0kxZl:qWN6Q3QGXbYQK7hHkkjl

Score
7/10

Malware Config

Targets

    • Target

      Hyperbeam Setup 0.22.3.exe

    • Size

      64.8MB

    • MD5

      ee818d25da7dc81da07de994c16e47eb

    • SHA1

      530d4211ace147d5d4672768b480ef46a0a88294

    • SHA256

      7554ddb13cc50c4f95a64e655b0aec126a2a6d6073cdea6305efb00a52e4d4d1

    • SHA512

      f89066b6efdadf834e3aef32a7cb14bb4c032aba9811717215da61f8de1bbc114e01be98829e80b099ac794f63fab28cc479405d70311e2a3769298af10e99b7

    • SSDEEP

      1572864:qWNtTIQ3bcG8yb5D/HVI05Op7rYzmumHX0kxZl:qWN6Q3QGXbYQK7hHkkjl

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates processes with tasklist

    • Target

      $PLUGINSDIR/SpiderBanner.dll

    • Size

      9KB

    • MD5

      17309e33b596ba3a5693b4d3e85cf8d7

    • SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

    • SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

    • SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

    • SSDEEP

      192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY

    Score
    3/10
    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      Hyperbeam.exe

    • Size

      145.0MB

    • MD5

      16be127ba5c4d3dc2daab53cf952ad7a

    • SHA1

      adb1a41519fcd5e6952425726bd8d239bdfa1483

    • SHA256

      c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

    • SHA512

      938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

    • SSDEEP

      3145728:UurFg3J+jK5+AcnuhAKoUj7HjGSq5RvjWS05RYkmn:frFg3J+jK5+AcnuhAKoUj7HjGSq5kzYp

    Score
    7/10
    • Loads dropped DLL

    • Target

      LICENSES.chromium.html

    • Size

      6.2MB

    • MD5

      53ef875136b19bef138829d5846208b0

    • SHA1

      edfcf34901b7fc6a3e578d637266686673a30299

    • SHA256

      d3bf6dd8892c6d77555e0b55efe98bfd18f08987ea39668bc5d0c419877aef1f

    • SHA512

      b6f0e50ac1a2a2144d718eca60dd8a26ca48045fff9c05327e4e0e09a4d12ba69952f9feb9481497f9b1b1378a5c1d55845bee551f84e7a47f98f7a222c302ab

    • SSDEEP

      24576:nP9t5W7WSLzrj41T4mfn6y6O6E6Q6yNSHpCohpG:g3e

    Score
    3/10
    • Target

      d3dcompiler_47.dll

    • Size

      4.7MB

    • MD5

      cb9807f6cf55ad799e920b7e0f97df99

    • SHA1

      bb76012ded5acd103adad49436612d073d159b29

    • SHA256

      5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

    • SHA512

      f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

    • SSDEEP

      49152:IuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8cc:oy904wYbZCoOI85oyI

    Score
    1/10
    • Target

      ffmpeg.dll

    • Size

      2.7MB

    • MD5

      c92829816a0f5e945f014a437e668b38

    • SHA1

      5998ef0668a09345af83757eb58553f6e6cbf767

    • SHA256

      b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

    • SHA512

      2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

    • SSDEEP

      49152:RcDHp0Z63RFIEr1OJbJFk1rb1kjKxt0MWH+4WUA8ZQcyTfQV0U5okJO6V8mK9eox:mDHeimbJKRkQMdZryTfQV0U5okJzKt

    Score
    1/10
    • Target

      libEGL.dll

    • Size

      458KB

    • MD5

      79d17646daac89413e76e5612353c94d

    • SHA1

      cf648b96e89302f70b4deaa51499b7ea35d5f068

    • SHA256

      cd79548789bd396bf81e5d5019ac4b802dadc82a22668c685fad2608c7d3f305

    • SHA512

      acab8e90a9c872fc7fb25d7e5cecb0dd1dc18533b62511bd2baa74bc961c02c88ab8826c77d451deb1298528624d97d36c2cd53170a006b89ab8c7c0da97900c

    • SSDEEP

      12288:lPwG/ja/jvtG2OQ7Aw1qiQhy/Dq1Mg3dk:lz/QOQ7Aty/OGkdk

    Score
    1/10
    • Target

      libGLESv2.dll

    • Size

      7.1MB

    • MD5

      fe9b0eae67c26a0e8214e4c8e9f64182

    • SHA1

      48dbeb8410f73119e1bf5dc7da5fb59934320e1b

    • SHA256

      8f1e9e29ffe97fdc7efe7e3ad7169a48787d8ad0ac44e17840d0deae391576cf

    • SHA512

      82ff0224de8c5f68575ab186d102afe63c48ce90afa2553e179db0088b7ca8ec87d37506d711611c873bab4a6e75e65a2c8c9fe6bd3b611fed4260cfba1cc3af

    • SSDEEP

      49152:Ek6rcYCLRRdx7IXvR7vjyhUpSOIpgRcbSIXv9RPKSNtc1OAE3tg5qHqwfuXBMwrd:+YjEXvRhpS7X7T90VSJAxtLNSg11d

    Score
    1/10
    • Target

      resources/elevate.exe

    • Size

      111KB

    • MD5

      eb49ddad4aa07b44c3c931a505e36196

    • SHA1

      9738231d45eac0bd2044824dc1aed632ed99ccac

    • SHA256

      7c4236c66700d6eda63d02ad641b8ef34bc9e53015cb16086e9d86bbeabc77fc

    • SHA512

      92cdf35be27b435810ade11e7f56e2b68cfe270f1f8418a51508c85ad7051ef2a1cc2368819872d1850ba734ac0357087abbbfa3aee449d51093a7c588a68561

    • SSDEEP

      3072:H8bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWluE:cPrwRhte1XsE1l7

    Score
    3/10
    • Target

      vk_swiftshader.dll

    • Size

      4.6MB

    • MD5

      09895152704e73f877090429a3f617a7

    • SHA1

      6c9a5a4eec367bd020fb267545ff21c676c775ce

    • SHA256

      a4ee0be900ba0afd24e94b86501b9aff169453fe0a930748a9839aba00aa3a49

    • SHA512

      3e3c0d194a4476f0de279428e17fc96250ae8aa640094d8077ecbdda2f0661dfd253b503f6a69583f3983e230299f4c79e767c7824574ffd71b7904481bb9832

    • SSDEEP

      49152:Fg0lNhuGaO/dRxQGQ+mEjWIyKGTJtE+M5q0yN769reA3Em0PNX4WbUEwxWvbG5wh:am/j7sw7kQtlVdQQoT

    Score
    1/10
    • Target

      vulkan-1.dll

    • Size

      849KB

    • MD5

      6e5c112a19cadb33fdc55622218a7386

    • SHA1

      b9b0395372967ddadb32d66481b26df4f0b9fefb

    • SHA256

      a88440204e4a7bc48c5829375d1da3e37b675b5b0fdc5b073a50dd2869931cda

    • SHA512

      4d1cda843a6081a2b76b2748e7db62069ae0fd539a6ef9177ee490dad93ec5bd8bf624645dd03ce0e3ea4357eb2973ec1005f78d8bc7481b592de4fab960edc8

    • SSDEEP

      12288:VaVRm5GYB4ad1TQxKhZasTkTDimWLr4Tg+v+U8AmorQF:Vaa5GqLd1T6aDk6LrSL25

    Score
    1/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    • Target

      $R0/Uninstall Hyperbeam.exe

    • Size

      482KB

    • MD5

      0b9096890ac30b63bca07f7bff78b8e0

    • SHA1

      bbbf68c28f0b70e19044c4642730a26db16fdad1

    • SHA256

      07e42bf4425ffe3d0828257221e99d63a114f25c5b9ad5244213575fad7d818f

    • SHA512

      391b2141906fc194b0e4c49783d21b9ed753172e5e1e67e99cc09bd14420b390a907b121bb3ef0e8b4a55c4282dca73e17ba5b1fccdb504759f5095fa83b488e

    • SSDEEP

      3072:Ln77v00hEoDEtausVvZKM3MF9Vg0A6aH2tvhOEA1RJCir86SrSrv6Ia3cV:L740IU2FbhA6s2t0EyL+yag

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
