Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

象棋名�...ng.exe

windows7-x64

5

象棋名�...ng.exe

windows10-2004-x64

5

象棋名�...��.exe

windows7-x64

5

象棋名�...��.exe

windows10-2004-x64

5

象棋名�...��.url

windows7-x64

1

象棋名�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cefbb61fd2ac02fdb0a0a30f9fc777c8_JaffaCakes118

  • Size

    9.1MB

  • Sample

    240906-h6datatbkr

  • MD5

    cefbb61fd2ac02fdb0a0a30f9fc777c8

  • SHA1

    ea435b458eb02f690758f8535888449eda6a3977

  • SHA256

    c86a62f346cc4c89bbe3edfd04fd81dc142d70b3c4142433c341092470e6a200

  • SHA512

    de2d9f4d2171f07d2fe5c304b455e5ce9c7e3db658c402d6806480d0e1c1c2f9977405aa235ef951ae2c4d905b5cd4ac638b1328dd5c07b2de6202a71e89058d

  • SSDEEP

    196608:ZeYzQuLrfyvxjV1oSyil+Fdq0uhkYsetKJlPuK1K/sae6UG:hztLrfyvxroSypqpDseuPuKQ0ae6UG

Score
5/10
discovery

Malware Config

Targets

    • Target

      象棋名手3.26版本32位六核核破解版/xqmseng.exe

    • Size

      2.0MB

    • MD5

      caa81935cd402aa82b058830f82bd9aa

    • SHA1

      5385b47ccd5aa268b247420f5cff09c0061d7c8f

    • SHA256

      678c75693b335ffae4252c05e060550b6ec998ad386b03467332d1625f8ac45f

    • SHA512

      586e54554fb4c9c777315adee2800f8495e6ee99e77ea2e3898a69177046a5765fa85f9ae0f3f31bf1615eae4735642efdd5460d2cd1b8b4b3fcbf8131aaf0d3

    • SSDEEP

      49152:WOY+pYnyJ3xXIK/fBwG83bwiUU4G6emja7qTgAgqpNZ:RpZWK/fObwiUUiJTgArN

    Score
    5/10
    discovery

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

    • Target

      象棋名手3.26版本32位六核核破解版/象棋名手.exe

    • Size

      7.3MB

    • MD5

      9b101825f8c1d61daa10abd7dccebe1a

    • SHA1

      e909e6c10dcd71b05f1c4c1e2cf091ee91390c9a

    • SHA256

      585f7c3c26ba76aee811a5dbaa1a83c0a6b96e30223c677a895ba813eeb272af

    • SHA512

      e4450cfe66ab318ef7e75aafd7075160e458f2cb3138477c1815c9734b404bc342415f99b71ba609790a9a5e753961d302851746297d26b19847a9183cbee973

    • SSDEEP

      98304:Qr/zstOFQA9TBPn+sk9b5Tt492YLFCj9KfXeNL6OadTx6GRvq8LY:Qr/zstOFZBxk9d+FRlfu5FadABS

    Score
    5/10
    discovery

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral3behavioral4

    • Target

      象棋名手3.26版本32位六核核破解版/软件学堂-提供最安全的pc软件_免费Mac软件和最热门的游戏下载.url

    • Size

      110B

    • MD5

      d3c7a91dc25fe6d0e460dfce3d2b4b1f

    • SHA1

      2fcc392b9b2e2c0a96f1ebaa977b15e988f0af6a

    • SHA256

      97cf5a6cbc47b5fd923ca7f9ac81407962a60f19f345ddb1601fc0348b0e8d28

    • SHA512

      3d7939b52ae50d4b3696d46d268ce05c8de2e561ebf1b7e814597f46320e5858b6e6a3027fee22f6306c6eb1f0ccb2ef82bb903e2429f8e13f81ed515b98ee07

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks