General

  • Target

    db71d6c43ca3083e834f407b66b009da_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240911-3ws9hazfqc

  • MD5

    db71d6c43ca3083e834f407b66b009da

  • SHA1

    8393ae321e53394c56dfe064c81c9e483155deaa

  • SHA256

    ec7609464f63d8d949b7c1ae6293f1e48d821f6a37e9c9a227744f8d57e93745

  • SHA512

    a655a6acc5e3c1640e9364d5fd7039ea5527f7c3534345a8584ad9aa3030f45a9f2b84e98bf916053b8c7c26849d0d88acd6498078f4f1c1aa94929214af5f0b

  • SSDEEP

    24576:8+iFc1dOqW+yU8wLUjuo/85/OTZfpWiZBNpvvdiMWVOKodtNq4VniGgeymhtwQg/:8+OUoqwrjuQ85/eZRWSzvvdWQdtNqgnu

Score
7/10

Malware Config

Targets

    • Target

      外挂/155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    Score
    1/10

    • Target

      外挂/AutoLogin.exe

    • Size

      360KB

    • MD5

      912a6ba595d72ea86562e48276f7258d

    • SHA1

      9a2809a61a4c8a978c196f0a24916a2452567b93

    • SHA256

      f2f1640691f77292dc73064096ed2c6a5a10729187478069d14df3df1d7e8cfd

    • SHA512

      54e824f10b0fea20b80ab16e9c145cf3a6770229b851e0b8fc0fbe239280df8519e95e489fe551ab74e6d66b680e83cf385c214a86c4682cc2a29368b67e1c4c

    • SSDEEP

      6144:0AXjiU4bzxyNQlcMEX049HUnMhehS2B1eQBmup9rlzCUdqabHI:0AX+U4hy6GPX0nMeS2B1eImkDzZqaL

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      外挂/MSWINSCK.OCX

    • Size

      121KB

    • MD5

      e8a2190a9e8ee5e5d2e0b599bbf9dda6

    • SHA1

      4e97bf9519c83835da9db309e61ec87ddf165167

    • SHA256

      80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311

    • SHA512

      57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee

    • SSDEEP

      3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL

    Score
    3/10

    • Target

      外挂/神魔小歪.exe

    • Size

      908KB

    • MD5

      be1158125dd46829c4cc16b878479bb3

    • SHA1

      ec5753674cbca7d9dc597ab23462c2b3b637c086

    • SHA256

      91c679b47080781c9921051fb4dd4e9939017cdccd7588c9026b380fdc857dcb

    • SHA512

      3a04af5244452ed5d47a0c0b13c38959030478b70391a965405913ddfc4e558df44d7c0f53ec3d35c9fbd0fd6d2ad581706e6818d7d3e5f3b814e09c0d333a98

    • SSDEEP

      24576:EaVDwfUEnjzO/aWPfjLPzxLZedu1yoZkT0Iykw:HDwjTWjz7edu1yWkLykw

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      监控台/MSWINSCK.OCX

    • Size

      121KB

    • MD5

      e8a2190a9e8ee5e5d2e0b599bbf9dda6

    • SHA1

      4e97bf9519c83835da9db309e61ec87ddf165167

    • SHA256

      80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311

    • SHA512

      57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee

    • SSDEEP

      3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL

    Score
    3/10

    • Target

      监控台/监控.exe

    • Size

      552KB

    • MD5

      77dd40b2c005e9b3e619a1cac5170e17

    • SHA1

      5be6a26844e576caeb094bfb9a4316ba7a8f607e

    • SHA256

      d1c0f4ddf1262c78ae3566a69d28a719e184d9d55daf0b0c48ce419b3129d5be

    • SHA512

      87894d9b6e0519ed88fa17427a0dcb1a522915913ac033101c8d8d083b97bdfe4c9e83221a4307a9477c0e6069f033990168b1895128097d285110227b5f2463

    • SSDEEP

      3072:FGKoePSqlfJyiX4BjDE8CGe/KQFU5Xg048gIwj4TbSBtrjmmW3GSQpXD+I0cZ1SZ:yQjGe/K/5EHju4qc6mtoztwoB

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks
