General

  • Target

    NYX.zip

  • Size

    140.9MB

  • Sample

    240911-rxt2mswdrh

  • MD5

    d3496d01232b84a990127079813f7a0e

  • SHA1

    6c5de1afdb7ba5a73315b2b09e59d0786d0ef44f

  • SHA256

    183160e943a1e0b38a07dc0d6fd775a32180bdee16cc5b5df90330276e95bd44

  • SHA512

    a72192fa74df1ab00b596d3cb458a38b911378275f00797a251756dbf4da619d4663e5a85e9f261881248a8c88ec2101845ff596d705b2398313a774383225aa

  • SSDEEP

    3145728:q10da5d4vVH3qZ9Li+5L+m/YOcSZX2/hv8LKNwzKnm0YG+FfsR:q10AY9H89LpKm/jcSZXOV81zKmLTFfsR

Score
8/10

Targets

    • Target

      CefSharp.Core.Runtime.dll

    • Size

      1.3MB

    • MD5

      41571881b1113b2813d80a8fd063fd18

    • SHA1

      8e01d0f9daf636979b09cf3f3bf7235de1be3c81

    • SHA256

      e3a9a58317217393ba110b1fd1a7f39c0fb819ce96d425e5d1220e200420938c

    • SHA512

      b74c0f0cbe46e9902bd19041fb2f7ded7b1849c790837f29eab250392e612d1fc42767847cb39a2d94fcbf8d528e0ccf25a445d42b26379aaa8de823a1cd0b9b

    • SSDEEP

      24576:m74xCV8e00l0NLz4Cm9naV9uhO5GZLOfMRh44OkSgqc4CQKZi5P9xh0gsWLgiHea:nCVXtZLOOh44OkSgqc4CQKZi5P9xh0gH

    • Score

      3/10

    • Target

      Nyx.exe

    • Size

      7.5MB

    • MD5

      34e9e2070c4b959fd5cde9aff77cd68b

    • SHA1

      6aba2fb635ca0d6444684f015c97d1b5bce5d957

    • SHA256

      1fdca0ed906e4cd623eef962377f59bcdce2dde3233a0a1ca306d8b5a9e9268c

    • SHA512

      e38558b1a23872efcef6d252918f12e1732cd4b151bbc4d51b8a56bb9934f63b3d4ac9838f8c28edfb1549a89f18b128be502dfed2a537a2d1bf2695fa1ceb70

    • SSDEEP

      98304:J35dIISLSHkNnEXSzrfZM7WcciwU6nqnlve59oI+k6k5MukqjpMxNepV:J35uaCEYrBM7Wc4hnqlGX6k5FTMW

    • Score

      8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Network Service Discovery

      Attempt to gather information on host's network.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Target

      d3dcompiler_47.dll

    • Size

      3.9MB

    • MD5

      08ac37f455e0640c0250936090fe91b6

    • SHA1

      7a91992d739448bc89e9f37a6b7efeb736efc43d

    • SHA256

      2438b520ac961e38c5852779103734be373ee2b6d1e5a7a5d49248b52acc7c4d

    • SHA512

      35a118f62b21160b0e7a92c7b9305da708c5cbd3491a724da330e3fc147dde2ca494387866c4e835f8e729b89ee0903fd1b479fcc75b9e516df8b86a2f1364c8

    • SSDEEP

      49152:pS7/Q+besnXqRtHKzhwSsz6Ku1FVVOsLQuouM0MeAD36FqxLfeIgSNwLTzHiU2Ij:p4/hqqFVUsLQl6FqVCLTzHxJI9k

    • Score

      3/10

    • Target

      lib/ace/ace.html

    • Size

      3KB

    • MD5

      79d5cf1e15800d488db989da5b87fdcf

    • SHA1

      ad8d17c3e438a669ec5c5a0c147bf6437fd35051

    • SHA256

      a99c139fe372b396174d194e0f3577ee339f86954ae7416fa010b2a62787cb3a

    • SHA512

      421f7a5519ba5e03aad5458f6773a38c8ccdd7c9be010fd1e5e80e7d76dc0a72299aefd958f55136debfb5d5786d7f3a68e019ec95cc8729f313e7ee78684685

    • Score

      3/10

    • Target

      lib/ace/ace/ace.js

    • Size

      701KB

    • MD5

      a6686a7c46bbfc45d4f3cc5a9bafebc5

    • SHA1

      4e8fa74de2025edd550fcc4b4d869f385d1b73c7

    • SHA256

      208c0601362fcccf0df59329fca92eb03d914d11978f115005e280cb22f569e2

    • SHA512

      13c807ce60c33a6ffe7531b8984d7a3e2e0144a9dec2d3620136da799d45e80f65eb22b58103aff071cc0c64716c667c624af9446662253914cd418f0c7e02a6

    • SSDEEP

      6144:oq4Z4StNfGDghjQYOIsb9U9lJiujPxBrLeq/SqJbXbZV8dxcQgnmpqptB9z/n68H:ojBtNfGkf/jxBv7oeR9zWk1nyP0XRx

    • Score

      3/10

    • Target

      lib/ace/ace/ext-beautify.js

    • Size

      11KB

    • MD5

      e25a9f1eefb91ff068f8f2a3d021098e

    • SHA1

      72ab67d8e39cb4f61d384cf5666085d7e627d3f4

    • SHA256

      c8c01930591173ebe64a1d6b9280f36398c83c5ffc148b04f73fa94b4ef36191

    • SHA512

      fd8412a50b74c72fbd6180bb8031a8ff81b7ccb691ae07ce251587fa65e230810d18a0d9c0387cb7bc6921a062766c7ca0e7b2e90a4cd19af2db1462359eb675

    • SSDEEP

      192:925ATmDTIxw+gO1WSS7PXOig6iGKiPiZ74NmZbhBoiMS+k28iSqQqHAFvSYJppWT:UATmDogOcKZbKL0y7

    • Score

      3/10

    • Target

      lib/ace/ace/ext-code_lens.js

    • Size

      7KB

    • MD5

      12022137d3802cf3a9269e2e52289425

    • SHA1

      bd8dbf3bb4a3d5eec3a63564a30b4c8cf09472db

    • SHA256

      2a6770ea9f8f0179f71d66d47f65bcfa28f918fede686422e54e0edcb9f19fcf

    • SHA512

      0f0095034720f8e6b07d9189d3a9b39da71889d5808f0fdb7f8cda99463fd693467c94032a6dec32951535f5f6c1bf25e51e25cf6c39d160c10b03e1f15d1550

    • SSDEEP

      192:zACH9KCH9TAH2K/CKCHKH4H5iwt0741tHJHyR8Hdj6oXeWgcV1dyKHPur9yxCCH1:cCH9lHBAH2GClHKH4Hg743HJHbj6yeWL

    • Score

      3/10

    • Target

      lib/ace/ace/ext-elastic_tabstops_lite.js

    • Size

      8KB

    • MD5

      4a5c939da4f22719815b2a85b11d29b6

    • SHA1

      493a37c00678d36d34f860056c936d3c6083c79b

    • SHA256

      03ee8372a6429a8c56e8af02696e66bf42459db32a196f17f8d2c672caa2ed04

    • SHA512

      a51aa6d3e50fab0a82333b3f09030006676d1aa3334b88b6155dbeab67dc0241b8d3f1f91a626cf7f75c659f77c1d8937532b320fb87690ceca24b9b973bd5ec

    • SSDEEP

      192:glgCuuLpykQ8yuhtLMa07bsSslMosy9gyQoFx/UUhpUSbax3r+/Sy1TCa:agC/rQuMLsnlMojx/UUhpUSbax3r+/p7

    • Score

      3/10

    • Target

      lib/ace/ace/ext-emmet.js

    • Size

      47KB

    • MD5

      3c3303c8a63e5ae66f982350ec857e87

    • SHA1

      f74e7a21ed7ad26662e02f94abe34aacf6882785

    • SHA256

      23331809f93f30031c0df2673450c6d67fa13bf3211dd7094d1d6fa9b99e9c18

    • SHA512

      a8cff4d37337535a9886e5d24143de9d507f61a0306dabb7ff3d4b9186f51d52c205153c3dc6b0d587089f724ba3e2a83e7f9af2c7b26f15fa820898f48321a4

    • SSDEEP

      768:7z5x5p5gfW3oq1D183CPjvHUCJyYZBkn7yOTbGK1JLP3KWa7kg/IqzCDrpNyBhB+:7z5x5p5gfW3oq1D183CPjvpJyYKpZ7Ck

    • Score

      3/10

    • Target

      lib/ace/ace/ext-error_marker.js

    • Size

      336B

    • MD5

      b40f7996c4bf9099abb5f8b3b0f0be7e

    • SHA1

      f408918b226931d0090064f6b2ad3922890152d9

    • SHA256

      d549c299502c356538f2444d4ebba5f251d9cfd7fe137c35a9dd64aa0d5650a6

    • SHA512

      779e2946d01663fc4b5b7e4f6f35621964238f6b4c9eaeafaab85622ca7b62c338afe11476648b0d642b27d35197501f928eaf8229f9001c0ae5652f04197a65

    • Score

      3/10

    • Target

      lib/ace/ace/ext-keybinding_menu.js

    • Size

      6KB

    • MD5

      e9e7aa9d8b73e9420058416a2e425749

    • SHA1

      72779ad95194a6b7be98f0ac45b7057e5c1088af

    • SHA256

      d58055479c707296cb0b129eddf5d3684d1b37caa48bda3ccecb37f1ec3612f8

    • SHA512

      7a72a8ab9a893dc335281376b9f7b9a58283f4930676e0f5b8c6bbb62c6d50e94e3a12c7965d93018e61d7dd5f755397851c6f2a51af50ee58732f9723c4843a

    • SSDEEP

      192:2zQgi+w/VwzeFZmZucbzcBUeQ9PI08ob5JIJzp/xtSgX2s2h23mjiDya+mTCa:qzeKcUnx8aIJft8AyaD7

    • Score

      3/10

    • Target

      lib/ace/ace/ext-language_tools.js

    • Size

      75KB

    • MD5

      56e84b42d4d10cf8b86d9462c517ac78

    • SHA1

      32ea9cb3663bb281beb3d00a66520460e6b4698c

    • SHA256

      20042860c5d8776ab14925360d1b14a378dedb1cdb62f1bd2689aa4f5e1cc750

    • SHA512

      a02f1836ae46a66ebc7553be11cf9b357013f7a90bf8dc20d999f97ec44ba03dc1f2136799131c9b7c41d9454c73362d314195a5c42dd88014cf68fe3a02bb38

    • SSDEEP

      1536:7z5x5p5gfW3oq1D183CPjvpJyYKpZ7CWa7kg/ImCDrpN8msdFKVYYf8cLNt5AqeZ:7z5x5p5gfW3oq1D183CPjvpsYKpZ7CWC

    • Score

      3/10

    • Target

      lib/ace/ace/ext-linking.js

    • Size

      1KB

    • MD5

      932265422f7925d95cbe5aebe3a12f2d

    • SHA1

      a841875e361e6d6406d8c359568e69785d8b76a9

    • SHA256

      06f733685f2bfae0453f2429772718ca49bd82d8fa748360f8b5f69e0b9ea612

    • SHA512

      730bbfb647b18b4339eb14d200a46617cef4e68354f24092bbf82a33edf2a8fe1f4dd988a9ae691ded3f34e79c626f8068b4357b7dd39d7f9bcca448c1ba5a7e

    • Score

      3/10

    • Target

      lib/ace/ace/ext-modelist.js

    • Size

      7KB

    • MD5

      6bae0154b4d0810eb877c9be3ce75e60

    • SHA1

      6385ca597d6c7b1f96ffcc58ce1ca805471817d9

    • SHA256

      2320ea3d88be7be9ab5c6fbe6ed170dd93e160547574ce6df0d137aa27d2f9f5

    • SHA512

      bf15b43032ce2f39b28db369e3dcadabebf523caf89aaaed9a528f0564528ea660f70cffeb6927cfdfe0710341214c3224b6df7b43258bbf1df20920131f1179

    • SSDEEP

      192:viIuiQvnTIoVcsruDi5z0O4D2OKkbeJO9kdfFUrsjs/VDfWQofXFe5LsTCa:mT9VcsrkiR0O42gk3UruOVD4FgLs7

    • Score

      3/10

    • Target

      lib/ace/ace/ext-options.js

    • Size

      24KB

    • MD5

      9882e6da6a5c907d47b2b75a5ee73a02

    • SHA1

      3593a7a74558afff56634d4e7bf3309db2c91afa

    • SHA256

      7fcad03423ab7c07f7fa30cb4e141ec0da0595e1aef08b81a4b89c8c3b91aa53

    • SHA512

      6d18c569d754fd7852755a249a5d951b4cb52540cbd214ec19c0ce55710cb0966aa177bf91aad65e7b2a43a08811b27324bde7f709aa088f5698d7a4551e7b1a

    • SSDEEP

      384:qzeKcUnzT9VcsrkiR0O42gk3UruOVD4FgLvg39wTN7ZrosesnRRDlZTQnjuO7:q6KxnSkGg3mJ5nZTQaQ

    • Score

      3/10

    • Target

      lib/ace/ace/ext-prompt.js

    • Size

      95KB

    • MD5

      2a2b94eb2ee36301b19dca07d74cdf0d

    • SHA1

      f1586022f5c13e3d2475e1c665ae9c74ac4e9ace

    • SHA256

      8a71ef4c6add557fe17cd16e56f97533bcd6a335149b6f1bd85c45c78aa71550

    • SHA512

      f785b403bc36120619852d80d2422da08baf1328f5e4dbd3148dafe9f1bc299cb91e8d0a65370d8ad4ab9fedb67b83208fd75fa926d22e771f95901d95da7ab1

    • SSDEEP

      1536:P2cLNt5Aqeg9tz5x5p5gfW3oq1D183CPjvpJyYKpZ7CWa7kg/ImCDrpN8msdFKVP:P2cht5AqRHz5x5p5gfW3oq1D183CPjvy

    • Score

      3/10

    • Target

      lib/ace/ace/ext-rtl.js

    • Size

      4KB

    • MD5

      c3cc7439adca6e58aa20abc93d24e712

    • SHA1

      5b6ac06447d558f140ec544a4841836c22d4c78e

    • SHA256

      a5c0ccb71781f451ce0d8bb36bcf654d01742c258243d84a6de39d4836df228c

    • SHA512

      2da99842e6b31d80b25a02c2e97025281e5e92d4ba60f07ca887f9e486e17e1299d61b2dd31de1cc2b715447c9c9359b1bd6e6c36767828966b1b137ff3576d0

    • SSDEEP

      96:fjMAmLqAJEv+ZPTo/mZPTBkt4xryhk1lO+ybLLvaATCa:fjMAmLqAJEv+ZPTo/mZPTBkt4xry+1A/

    • Score

      3/10

Tasks

  • static1: score 3/10
  • behavioral1 (discovery): score 3/10
  • behavioral2 (discovery): score 3/10
  • behavioral3 (discovery): score 6/10
  • behavioral4 (discovery): score 8/10
  • behavioral5 (discovery): score 3/10
  • behavioral6 (discovery): score 3/10
  • behavioral7 (discovery): score 3/10
  • behavioral8 (execution): score 3/10
  • behavioral9 (execution): score 3/10
  • behavioral10 (execution): score 3/10
  • behavioral11 (execution): score 3/10
  • behavioral12 (execution): score 3/10
  • behavioral13 (execution): score 3/10
  • behavioral14 (execution): score 3/10
  • behavioral15 (execution): score 3/10
  • behavioral16 (execution): score 3/10
  • behavioral17 (execution): score 3/10
  • behavioral18 (execution): score 3/10
  • behavioral19 (execution): score 3/10
  • behavioral20 (execution): score 3/10
  • behavioral21 (execution): score 3/10
  • behavioral22 (execution): score 3/10
  • behavioral23 (execution): score 3/10
  • behavioral24 (execution): score 3/10
  • behavioral25 (execution): score 3/10
  • behavioral26 (execution): score 3/10
  • behavioral27 (execution): score 3/10
  • behavioral28 (execution): score 3/10
  • behavioral29 (execution): score 3/10
  • behavioral30 (execution): score 3/10
  • behavioral31 (execution): score 3/10
  • behavioral32 (execution): score 3/10