General
-
Target
Tools.zip
-
Size
84.2MB
-
Sample
240912-k2nl4azgkh
-
MD5
c4422ae48275aef4285e6d9b6e3579e0
-
SHA1
477044c9d0dec845570fd96794f66d186058cfea
-
SHA256
8e781ea5416de0e510bf1f4bd43f432a8849c058307390e7b95de5d689058268
-
SHA512
3e842a812fd924bf66f74a6d6ee0bf54e19a90ae5e9d61aedcbeb35a9693b69bfd2be4a858e0619229644f69953bd3999657aaf30de77f3366f30845bcc8dc4f
-
SSDEEP
1572864:lUnbERndUnSJbQASbL4YtzisF+miRov+3Y91JZqnhXwqHT2HSYkz43kyAzRu7axb:lUnbgneSJbGbriMiSvp99ypz0vuNyaue
Behavioral tasks
behavioral1: Tools/SQLi_Dumper_v.8.5_Cracked_By_LautheKing/SQLi v.8.5.exe (Resource: win7-20240903-en)
behavioral2: Tools/SQLi_Dumper_v.8.5_Cracked_By_LautheKing/SQLi v.8.5.exe (Resource: win10v2004-20240802-en)
behavioral3: Tools/TSP Dork generator - by Lh Production/TSP Dork generator.exe (Resource: win7-20240704-en)
behavioral4: Tools/TSP Dork generator - by Lh Production/TSP Dork generator.exe (Resource: win10v2004-20240802-en)
behavioral5: Tools/TSP Dork generator - by Lh Production/YouTube.lnk (Resource: win7-20240903-en)
behavioral6: Tools/TSP Dork generator - by Lh Production/YouTube.lnk (Resource: win10v2004-20240802-en)
behavioral7: Tools/WinPcap_4_1_3.exe (Resource: win7-20240903-en)
behavioral8: Tools/WinPcap_4_1_3.exe (Resource: win10v2004-20240802-en)
behavioral9: Tools/proxychecker/Colorful.Console.dll (Resource: win7-20240729-en)
behavioral10: Tools/proxychecker/Colorful.Console.dll (Resource: win10v2004-20240802-en)
behavioral11: Tools/proxychecker/ProxyChecker.exe (Resource: win7-20240704-en)
behavioral12: Tools/proxychecker/ProxyChecker.exe (Resource: win10v2004-20240802-en)
behavioral13: Tools/proxychecker/xNet-Ameliorated.dll (Resource: win7-20240903-en)
behavioral14: Tools/proxychecker/xNet-Ameliorated.dll (Resource: win10v2004-20240802-en)
behavioral15: Tools/rdp/RDP Forcer 1.5/AxInterop.MSTSCLib.dll (Resource: win7-20240903-en)
behavioral16: Tools/rdp/RDP Forcer 1.5/AxInterop.MSTSCLib.dll (Resource: win10v2004-20240802-en)
behavioral17: Tools/rdp/RDP Forcer 1.5/ForcerX15+.exe (Resource: win7-20240903-en)
behavioral18: Tools/rdp/RDP Forcer 1.5/ForcerX15+.exe (Resource: win10v2004-20240802-en)
behavioral19: Tools/rdp/RDP Forcer 1.5/Interop.MSTSCLib.dll (Resource: win7-20240903-en)
behavioral20: Tools/rdp/RDP Forcer 1.5/Interop.MSTSCLib.dll (Resource: win10v2004-20240910-en)
behavioral21: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/KPortScan3.exe (Resource: win7-20240708-en)
behavioral22: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/KPortScan3.exe (Resource: win10v2004-20240802-en)
behavioral23: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtCore4.dll (Resource: win7-20240708-en)
behavioral24: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtCore4.dll (Resource: win10v2004-20240802-en)
behavioral25: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtGui4.dll (Resource: win7-20240903-en)
behavioral26: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtGui4.dll (Resource: win10v2004-20240802-en)
behavioral27: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtNetwork4.dll (Resource: win7-20240704-en)
behavioral28: Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtNetwork4.dll (Resource: win10v2004-20240802-en)
behavioral29: Tools/rdp/RDP Forcer 1.5/csrs.exe (Resource: win7-20240903-en)
behavioral30: Tools/rdp/RDP Forcer 1.5/csrs.exe (Resource: win10v2004-20240802-en)
behavioral31: Tools/rdp/RDP Forcer 1.5/freerdp-client.dll (Resource: win7-20240903-en)
behavioral32: Tools/rdp/RDP Forcer 1.5/freerdp-client.dll (Resource: win10v2004-20240802-en)
Malware Config
Targets
-
-
Target
Tools/SQLi_Dumper_v.8.5_Cracked_By_LautheKing/SQLi v.8.5.exe
-
Size
2.3MB
-
MD5
f558500b09118c2d5482c0097d41b986
-
SHA1
ebdd90df103acb0a28a46b4affde511f5b0bb6d0
-
SHA256
4081a78ba280d28c56551983e515486a1dacf9ba26a3e76a71060982cc9e5ed7
-
SHA512
d4bfd969d7e8e0ff7aedf55ea69398ced8bd81dd2bde7e87a79d6890fa4b38d0275ceb8c72e20336d97bff2252cd904e27f8023b93dacf961d7345d18e0e7441
-
SSDEEP
49152:k25iWOXWlIIb6fMID2u41715Kqao5ZPbnk4uJnmcBVbqk4uJnm:k2cRXW++6fMIiL1J5KCjPbk4uJnmcB/e
Score: 6/10
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Tools/TSP Dork generator - by Lh Production/TSP Dork generator.exe
-
Size
206KB
-
MD5
560cb4c22eef8363ad5a68115c1e1d68
-
SHA1
ed7de753e52433abbfc9c40b4d93c17989e7af0e
-
SHA256
f408d849ff9173f5d155c2f62ee6fd206c0c3a343ee42699baeb9c44a4787030
-
SHA512
cf4f8944784662d27bb4056982e334941531039cc39ab8f3e828cda68f8833c6e0a318aeb278166d8377ecd6a40281bf2f77a611bf073e78da877e229cd7a0a0
-
SSDEEP
3072:LY6bBJJZVf4eavHmqzlawtKV3CZlQgpxC+e0ua2SnXRfaHBYYit3AqwrKHbNK9tZ:3Lj/PcUDBCSKBb
Score: 3/10
-
-
Target
Tools/TSP Dork generator - by Lh Production/YouTube.lnk
-
Size
1KB
-
MD5
686c7f583ea8b588077a0ce49f4dab41
-
SHA1
a66feb429902206e1b0247107a63dcea9be32f0b
-
SHA256
e18918ce19299f7ef793997d91dfc7cedd2d2691b1b28628595f026954b8ad80
-
SHA512
51f42139baed534c3d70c9e5f600de644d0b27129ff3c64da2bf10646e05a27e3008fb3c3e007c7f5cad781b6689b2699310478228dd9a1270b9b6efda969a45
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
Tools/WinPcap_4_1_3.exe
-
Size
893KB
-
MD5
a11a2f0cfe6d0b4c50945989db6360cd
-
SHA1
e2516fcd1573e70334c8f50bee5241cdfdf48a00
-
SHA256
fc4623b113a1f603c0d9ad5f83130bd6de1c62b973be9892305132389c8588de
-
SHA512
2652d84eb91ca7957b4fb3ff77313e5dae978960492669242df4f246296f1bedaa48c0d33ffb286b2859a1b86ef5460060b551edca597b4ec60ee08676877c70
-
SSDEEP
24576:UBOldyR6ORWsaM2QROxa6jsqUENfJjNK/CG6niqiL:2KzqWsayROxa6QDENuaG+ifL
Score: 7/10
Loads dropped DLL
-
-
-
Target
Tools/proxychecker/Colorful.Console.dll
-
Size
88KB
-
MD5
5f3d2cfbc21591b8feef1efa3e59a4d0
-
SHA1
15d1ad963a13b6c8ae28c26e7dc1cc3da2bc3bb8
-
SHA256
f31d4fd7e729fc6cf4ecab972b6b1ee897918a325b1ca572030966f831e768fb
-
SHA512
05135188c3b75cf642e4e1e833d01c24d2ce2c2b1ae71b0edf048e453a4716226d7af582365d2f6ab803b4b0fe83ce67d4c39125963fc50d597c30e56ae74a2f
-
SSDEEP
1536:hLeJYLqthWMjfBiRlijZFgWHdQe9nLClbWG:hxLqtQMv7d9nLqCG
Score: 1/10
-
-
Target
Tools/proxychecker/ProxyChecker.exe
-
Size
17KB
-
MD5
5124f28ec4d487207b9ce6362c7b0d9b
-
SHA1
6fdee551cca4898c77d7ad91519b977b229b2317
-
SHA256
bd939a75151715536dccde6471b64a0ab6436184bd5ff4f3d89fce976a1f5561
-
SHA512
fb729549e62a4ebe67113cff6c28b24b22b3a326076e57073639ca0f57435b5c8d76e8b9e1c6ba0f75307011568ec78d9446b905a508ec1715059217388eced2
-
SSDEEP
384:kLRaVeNRqcSJAdDv27sZQ5XD2EBnJSnKr8l1IKZa5Cc1G:kLFNRqvqOsZQ5XLBnJSn28lZU5Cc1G
Score: 3/10
-
-
Target
Tools/proxychecker/xNet-Ameliorated.dll
-
Size
74KB
-
MD5
44d7396d8b6fbd8f1e9ff4d0278bb767
-
SHA1
7c8dc050381d2e19b989943f961fee45bd225b69
-
SHA256
16ea0eab1ffe6b3b05abf1b04baa7c2695885795c5bfecb6cfcfa595a0fa7b30
-
SHA512
320573c76b448b6f625917d26cec738c94431d274e340a9a0ac5401535a75faa9ebb65616fd23a069de39e4634baf79a67527eccf7bbd197e8f3cb823ec4d93c
-
SSDEEP
1536:CpGjP8+k8PDYivFAS537WYRwFH1+KZ3etqp:CpwJgYAScYRwFH1+KZ3etqp
Score: 1/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/AxInterop.MSTSCLib.dll
-
Size
293KB
-
MD5
0f809467f7e99aa1b6572a9adfdad685
-
SHA1
f0dc9956841a1df5b8fc006d16a1e21e7687b5dc
-
SHA256
b9d3566e580ce6ec6fcd77d3bef3912a8e1995cc3dece3178c27c503ef00e495
-
SHA512
ec1d8259818ff98070ab6fcdbc3329bce51bb68b7c78ac74a0227da44da8a648f481c0e8cb1f18d5002955556e913b371b000acfea57573ec7626c6497e8d972
-
SSDEEP
6144:xM+MqDWxDTXd01gDbF7r16IFe8IBAHLVuS7YTso1C+cC1Z:xcpZhos
Score: 1/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/ForcerX15+.exe
-
Size
733KB
-
MD5
fbde9d854a7f3064786abfad8d413faf
-
SHA1
0755b3590934af35f4b801858577bcb94cde13b9
-
SHA256
bd3141d88e2d0e01a974f61d1e1489f06d22464f2e0d50682ce1a780cbbb96a6
-
SHA512
7b263ed19a0e7e9a55ceff036a97ebdc595f248f52d2a0279bafc080fecceed6a5cae9640a678cd5cfc75c421afe84591ea68062ce39bc50d9b5681ec8d498c3
-
SSDEEP
12288:x8hC6y43u/6UnnxOC1PCZXOYLvqH1rmz4IX5kqavTdR9NHNziR1:YC5PQJqRmz3XlGTv9lNziH
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/Interop.MSTSCLib.dll
-
Size
519KB
-
MD5
938c86e094644536a8e5293447310d18
-
SHA1
926af64ec50877f073a2346455c72c1ee97a1874
-
SHA256
ab589186acb951ffe19821a8210dc1baf34dd040d7dfc2ca57e2b07a42c11a29
-
SHA512
f4428be43661795ef0c01100e8d71a82a4d8e60f79e7000adc31526d88930d6eef2032d29bf2f2c53e087a2f97ba03946c046c0f111b2a3d22d3f592e0f1966d
-
SSDEEP
12288:cb0pCf4dmzcB63g1+LEZSPINWjsxKnwlN7Yx2H0tyDg5OvvP4kiSkoEDJnVmMvle:cb0pCf4dmzcB63g1+LEZSPINWjsxKnwS
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/KPortScan3.exe
-
Size
191KB
-
MD5
c0a8af17a2912a08a20d65fe85191c28
-
SHA1
0fbc897bf6046718524d05b6bc144c3785224802
-
SHA256
080c6108c3bd0f8a43d5647db36dc434032842339f0ba38ad1ff62f72999c4e5
-
SHA512
bd6b67a2f285a5634c5d38f742d5528a661414d3fb88f8065433f6a6a1a3a3f707dede9be7bda9bac9327240422c2314081d0a9eb9b6bc61687465ac96868ef9
-
SSDEEP
3072:ywYXnaz7fOTkQTwokTqLIOt6r+9dEPlUIbrMOFTfM0OZhEt3hjOrX7a0K2gY7fq2:N+naz7OTkNPTqLIOt6r+9dEPlUIbrMOE
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtCore4.dll
-
Size
2.4MB
-
MD5
438717377b9df0f53f283c9e4aa722cc
-
SHA1
c413917dfcb816799613c6f86b55952c887ff711
-
SHA256
a679cf46e128d028de22fb9ed8432e5107e53f8e7e6fb7f5e169b3eeab8f000a
-
SHA512
03c10588ec47bce9b6c40fedffcaa775b84bb691450789000c17e7df02554036ee336d382524b35bfa67dbc4ae4b95d3d1807d61f46016427856f60850383f3f
-
SSDEEP
49152:vfGCzRdEZK8hyX2ntJsv6tWKFdu9CeTxLyvL/6mShMZtmjNUVrciV5P+7QVg07Tl:vf8KF2tJsv6tWKFdu9CIK
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtGui4.dll
-
Size
8.0MB
-
MD5
37957facc9afbdfbd119c8372c9cf0e3
-
SHA1
1f5584ae75e947ffcbe00dc17bc423bf3f906ad0
-
SHA256
bf52fec00b4f640d07bea3850096cc77983fca518bbec8122997b7ca561205f1
-
SHA512
24ef6418f904b646d31912e0f350a0eb10147015bbd4b3710aba62c5a1da5d001600d9a381beb8d871d30cc0b07cf2fdb034f81f60810d8c14899cacdf68ad4d
-
SSDEEP
98304:ixT4yTZMEMrIJCZxMvwQoVgN1617/PO1IQlS4Xsmw2zZQvkfsnXWP:ixbZxDJ9vv7617VQlSesn
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/KPortScan 3.0/KPortScan 3.0/QtNetwork4.dll
-
Size
982KB
-
MD5
5c6afae60414546cef0a9b759da93912
-
SHA1
928aba35960a17b9ee3a3e2f2f890b8aa6842e6b
-
SHA256
99757ec661fd7de3b22fb641f25cf1565aae13daf8d31c6686c6c7cbd2be6fc9
-
SHA512
bbd7aae541c5677317f68472c4be008164909f6395c43e554c4b070fb398ec680f496505644de0a706f831bc850e770c60c699d5aa0d5a7e0e19c5fc48e5c727
-
SSDEEP
12288:BQ4LHoNwBkUx/0RpieLY+EZ8R2/hGT/YOt2ck/qTpQ39NM7LMi7nR4djiz0R6H2j:zr/k60RpizZ83/T6CTeNuMwR4djip8L
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/csrs.exe
-
Size
270KB
-
MD5
6df085a6dbc5f6dcb504c272e08f883a
-
SHA1
cd1f3bc06a9e7f060a9459186fa04d1e6064bb1c
-
SHA256
f1f91a4172379c7952d6ce16c9df13eabac4b969c3fca3006fa30c866a96c60b
-
SHA512
b53c620bbd5c5976221cff20314c1180766b4402f6dab2f6029e44ccce5ac115bea28b12f11ee2344dbf6111a0c4e3bd9868e62593feaabb96c9d9a8e1ae3e1d
-
SSDEEP
3072:lajUJwRNDPi+Y+CvN9kqQAQxATeXme7O+3FOkYSURaFhLaVyO+XBIX1Ib23aifgc:laMwRNDPi+Ynsm+O+3FjbURQMmCY2
Score: 3/10
-
-
Target
Tools/rdp/RDP Forcer 1.5/freerdp-client.dll
-
Size
234KB
-
MD5
307fc3856c7986f567ab9bb46b36a557
-
SHA1
2152d303c500179d3c85a24767e4487cfa1aa248
-
SHA256
d3efe3a97d7417a8097ef5da4be68e91be93c94be9d8be0420a2f82bf611b1cb
-
SHA512
9a892ae1472d4ecca8963a292d311e9ca1f0990ce67fee7bbc0df93a1927803c966321797aec2a68401cdf1958057d6edd6f6f25da75080c4a1859d956d36873
-
SSDEEP
3072:NYUbmiAGaYuctHBUnRmdHjsEsN915Z0Os3I+rt2dBpEKjSf082k43R0Qg8NghlHI:NuiALcpOG0NJZ0PI+rtIB3Schi4ir2M
Score: 3/10