General
-
Target
multi tool.rar
-
Size
49.4MB
-
Sample
240922-trp7lsyclh
-
MD5
ca8f8a01840deee4c91e72bddd162375
-
SHA1
6edb1e425f21a800631d4bff5b7713de97aa4b61
-
SHA256
2475057e86ae6b275f649474564115858530b0d0d556b10e678af48151c1b683
-
SHA512
144732103cef741f79f98b509bfbca7ab5fb2c81e27216cf7c7a36a8d87b5fd6c11109db9846ca7da751663a1d3be84348263a6ca7298abedd5bb44f00167251
-
SSDEEP
1572864:aqay71Cws3VEdxszS5qay71Cws3VEdxszSs:ha0VslKCa0VslKC
Behavioral task
behavioral1
Sample
evonic/dont open/main.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
evonic/dont open/main2.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
evonic/run__.bat
Resource
win10-20240404-en
Malware Config
Targets
-
Target
evonic/dont open/main.exe
-
Size
24.9MB
-
MD5
98850511624ea2618505ac15dd6abfe2
-
SHA1
77a89d4a78b8bf9cd21041977dc409bbac57a214
-
SHA256
7cb42859aacffc0604eee57e6c36ebc171bea77ab3d34bac03da28766e5e6045
-
SHA512
9e2a6a208db5b204db4ebd3b190ccc214a4de74460815a0839b2e2fbe9907dba7354ae6ca2c1b2bce005607382a983ada1c721b31e1b1c8c0a42a737f72ae58c
-
SSDEEP
393216:uqPnLFXlrt3c1kQZq7oBDOETgs77cGRLgRGhpMpve+rK6x/qvs:jPLFXNt3GkQZq7PE7X2GoYwxV
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Target
evonic/dont open/main2.exe
-
Size
24.9MB
-
MD5
98850511624ea2618505ac15dd6abfe2
-
SHA1
77a89d4a78b8bf9cd21041977dc409bbac57a214
-
SHA256
7cb42859aacffc0604eee57e6c36ebc171bea77ab3d34bac03da28766e5e6045
-
SHA512
9e2a6a208db5b204db4ebd3b190ccc214a4de74460815a0839b2e2fbe9907dba7354ae6ca2c1b2bce005607382a983ada1c721b31e1b1c8c0a42a737f72ae58c
-
SSDEEP
393216:uqPnLFXlrt3c1kQZq7oBDOETgs77cGRLgRGhpMpve+rK6x/qvs:jPLFXNt3GkQZq7PE7X2GoYwxV
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Target
evonic/run__.bat
-
Size
3KB
-
MD5
8720f9334084026be87258c48d3beefc
-
SHA1
6734688e37073655662271ca0546df27652ce6ab
-
SHA256
d4b8e7707c3cab1010b38627a3ca2e4196c405a184c69e5a46082c451e8284fc
-
SHA512
e52d89800e31ca55d238331878c01d566499a30e15d85140e64bc1162426b92305ba896713302a93450fbc0a5a682f6a9b1a87d01004de90f782c311f6d34759
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-