Overview
overview: Score 7/10
Static
static: Score 3/10
1a34bba303...cN.exe (windows7-x64): Score 7/10
1a34bba303...cN.exe (windows10-2004-x64): Score 7/10
$PLUGINSDI...er.exe (windows7-x64): Score 3/10
$PLUGINSDI...er.exe (windows10-2004-x64): Score 3/10
$PLUGINSDI...nu.dll (windows7-x64): Score 3/10
$PLUGINSDI...nu.dll (windows10-2004-x64): Score 3/10
$PLUGINSDI...em.dll (windows7-x64): Score 3/10
$PLUGINSDI...em.dll (windows10-2004-x64): Score 3/10
$PLUGINSDI...fo.dll (windows7-x64): Score 3/10
$PLUGINSDI...fo.dll (windows10-2004-x64): Score 3/10
$PLUGINSDI...gs.dll (windows7-x64): Score 3/10
$PLUGINSDI...gs.dll (windows10-2004-x64): Score 3/10
RapidTyping.chm (windows7-x64): Score 3/10
RapidTyping.chm (windows10-2004-x64): Score 3/10
RapidTyping.exe (windows7-x64): Score 3/10
RapidTyping.exe (windows10-2004-x64): Score 3/10
fmodex.dll (windows7-x64): Score 3/10
fmodex.dll (windows10-2004-x64): Score 3/10
freetype6.dll (windows7-x64): Score 3/10
freetype6.dll (windows10-2004-x64): Score 3/10
icudt44.dll (windows7-x64): Score 1/10
icudt44.dll (windows10-2004-x64): Score 1/10
icule44.dll (windows7-x64): Score 3/10
icule44.dll (windows10-2004-x64): Score 3/10
iculx44.dll (windows7-x64): Score 3/10
iculx44.dll (windows10-2004-x64): Score 3/10
icuuc44.dll (windows7-x64): Score 3/10
icuuc44.dll (windows10-2004-x64): Score 3/10
zlib1.dll (windows7-x64): Score 3/10
zlib1.dll (windows10-2004-x64): Score 3/10
General
-
Target
1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0cN
-
Size
8.7MB
-
Sample
240928-jyaemaxerb
-
MD5
42b2d6e42c5eae489ed0a7b5e98bdcb0
-
SHA1
41b4454967e0b34006451fd074dac7981dc4f775
-
SHA256
1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0c
-
SHA512
d00115763c5cc5db0ac5f1e841bc94723355eef0ff68d16dcc889c4e3e83efd5ff2876b87a6e3612ca129ea445a77ee6efbd6b216e7fa8ee1be40cd98a6adc7d
-
SSDEEP
196608:L/eQntyZ88cg9Ti6kv0Qpl9JULuIosSu8EcsEKJU3F9b6c6LJby:O8G9Ti65o9JQuPRQe3Lb6lJy
Static task: static1
Behavioral task behavioral1 | Sample: 1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0cN.exe | Resource: win7-20240903-en
Behavioral task behavioral2 | Sample: 1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0cN.exe | Resource: win10v2004-20240910-en
Behavioral task behavioral3 | Sample: $PLUGINSDIR/Installer.exe | Resource: win7-20240903-en
Behavioral task behavioral4 | Sample: $PLUGINSDIR/Installer.exe | Resource: win10v2004-20240802-en
Behavioral task behavioral5 | Sample: $PLUGINSDIR/StartMenu.dll | Resource: win7-20240708-en
Behavioral task behavioral6 | Sample: $PLUGINSDIR/StartMenu.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral7 | Sample: $PLUGINSDIR/System.dll | Resource: win7-20240903-en
Behavioral task behavioral8 | Sample: $PLUGINSDIR/System.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral9 | Sample: $PLUGINSDIR/UserInfo.dll | Resource: win7-20240903-en
Behavioral task behavioral10 | Sample: $PLUGINSDIR/UserInfo.dll | Resource: win10v2004-20240910-en
Behavioral task behavioral11 | Sample: $PLUGINSDIR/nsDialogs.dll | Resource: win7-20240903-en
Behavioral task behavioral12 | Sample: $PLUGINSDIR/nsDialogs.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral13 | Sample: RapidTyping.chm | Resource: win7-20240903-en
Behavioral task behavioral14 | Sample: RapidTyping.chm | Resource: win10v2004-20240802-en
Behavioral task behavioral15 | Sample: RapidTyping.exe | Resource: win7-20240903-en
Behavioral task behavioral16 | Sample: RapidTyping.exe | Resource: win10v2004-20240802-en
Behavioral task behavioral17 | Sample: fmodex.dll | Resource: win7-20240708-en
Behavioral task behavioral18 | Sample: fmodex.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral19 | Sample: freetype6.dll | Resource: win7-20240903-en
Behavioral task behavioral20 | Sample: freetype6.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral21 | Sample: icudt44.dll | Resource: win7-20240708-en
Behavioral task behavioral22 | Sample: icudt44.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral23 | Sample: icule44.dll | Resource: win7-20240903-en
Behavioral task behavioral24 | Sample: icule44.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral25 | Sample: iculx44.dll | Resource: win7-20240903-en
Behavioral task behavioral26 | Sample: iculx44.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral27 | Sample: icuuc44.dll | Resource: win7-20240903-en
Behavioral task behavioral28 | Sample: icuuc44.dll | Resource: win10v2004-20240802-en
Behavioral task behavioral29 | Sample: zlib1.dll | Resource: win7-20240708-en
Behavioral task behavioral30 | Sample: zlib1.dll | Resource: win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0cN
-
Size
8.7MB
-
MD5
42b2d6e42c5eae489ed0a7b5e98bdcb0
-
SHA1
41b4454967e0b34006451fd074dac7981dc4f775
-
SHA256
1a34bba303197eade878b483cd8b02c2bd6bd2af9d5ec501bc61b4b318704f0c
-
SHA512
d00115763c5cc5db0ac5f1e841bc94723355eef0ff68d16dcc889c4e3e83efd5ff2876b87a6e3612ca129ea445a77ee6efbd6b216e7fa8ee1be40cd98a6adc7d
-
SSDEEP
196608:L/eQntyZ88cg9Ti6kv0Qpl9JULuIosSu8EcsEKJU3F9b6c6LJby:O8G9Ti65o9JQuPRQe3Lb6lJy
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/Installer.exe
-
Size
395KB
-
MD5
be2d0db081acbcf78f5eebff8223a943
-
SHA1
58d19519bffc719e916599e1f3f1090871d309b6
-
SHA256
7f14f84f3e694e5fa12bd98906f26244679bc995b2f3d840c432b2f492afe3ce
-
SHA512
14e102d3b956a869fa2733133ab56cc515bf876fcefcf0b117f2d06d08292b59370bbac36b20528ded8b3be0081544615ba2311949d7e05c04687f88dbb5b78e
-
SSDEEP
6144:eygc7lUBjcl0hLt7ibLghy0t9+B9AHKyjVrTLkkP7qcXvxZzchsUA:NUBj+0h9ibLgyo5j1QkjqcpWK
Score 3/10
-
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
a4173b381625f9f12aadb4e1cdaefdb8
-
SHA1
cf1680c2bc970d5675adbf5e89292a97e6724713
-
SHA256
7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b
-
SHA512
fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82
-
SSDEEP
96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2
Score 3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
7579ade7ae1747a31960a228ce02e666
-
SHA1
8ec8571a296737e819dcf86353a43fcf8ec63351
-
SHA256
564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
-
SHA512
a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score 3/10
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
c10e04dd4ad4277d5adc951bb331c777
-
SHA1
b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
-
SHA256
e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
-
SHA512
853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
-
SSDEEP
96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score 3/10
-
-
-
Target
RapidTyping.chm
-
Size
2.4MB
-
MD5
372f3c8937549d29e7c2f3a50af02f46
-
SHA1
9c51e709d66f672abc879dd109b697f2fb9105e9
-
SHA256
e1549edb743cf4be5e6f5f9bd1411740b023ccba5a2b36c2bf9bee19a3ecc008
-
SHA512
c597809bf9a0f867e32debc3ac3aab836b557cad1b8f539ea62ebec4cbad033c1389b7ec71326d6646164935d34d90fb7e6f998afe389582b11f3d0772cd5d4e
-
SSDEEP
49152:XGTDwCEBwh4vgEeDAtlWNRNT0WFqxhLADIsXymB18OBMPb9NIgmGjQ:WnwCEBO4zeDSWZT0RJxmz8OqPbrgb
Score 3/10
-
-
-
Target
RapidTyping.exe
-
Size
1.1MB
-
MD5
f2386e14811799117ee1eef3a8bc8c16
-
SHA1
1eb8f4429e06d54ac2f4b637932ccbcc4181f4f2
-
SHA256
2699ff497242919318d71f963c2ba7b818bd7ed0edc4815c844e0ae6d8c00b6c
-
SHA512
f28a8ef01ccfd0a99f506ae0e10b956377b25c069953101bc21b3ac3b73c6b7fe6de2fa68bf6e0b959300fc006011dff3140ff8bd4a7f6ac627a7269e6edc188
-
SSDEEP
12288:yIOiKNZaXmgkbs9oOQ9YmsY65a4VfK8GIU6w5DvBmljKXjk2gD9jPDcxT6qPk2ki:yIOiKNZGmgoiW5DvBGKXjI9jPDoT6m
Score 3/10
-
-
-
Target
fmodex.dll
-
Size
780KB
-
MD5
da7dc857d6cfd75da9bfe10b90be8178
-
SHA1
0d85b54b9388f9445aaa98cb29762d9a221ab990
-
SHA256
284a73868b1771d7e354dfde09579f54b489479050f7cff945af08bcab562f25
-
SHA512
34c8bc5cbd3c3aa2352ddce53294d09632cadeb943e46ceb389db435beab9ace20c9f17d035b6a21e19dc8a0d8c9496e5a6076c32748eceef7fb8188e6fb9ba8
-
SSDEEP
12288:S2I2nn6lg/KE/rFaz38/Pysigpi9YhsKYA8u454UyKlyt6tVsm8B7RkHG4:RBe3YtrStKHIoK0B7qm
Score 3/10
-
-
-
Target
freetype6.dll
-
Size
510KB
-
MD5
ae25b99ea9aca8902d33124f80704b32
-
SHA1
5ec1528e76195e64606fd41309fead99f4cddd40
-
SHA256
e1df09726ac0a651324beb3e17af766d432bc2cf0f4d39ac4e9c7326fff0a372
-
SHA512
73c1d01cbfcd984404ca8e9a87d488068ac0cfef8a69ad414c9d4e976b9c16d0d57072c8a6926fd9b32acb3348ebbc20068b7451381956b2dafcd0716776bc95
-
SSDEEP
12288:h9t8eEXQhlg0gFVe5EcPh2btNNA0ffQS8U2LgAN4:R8Ihlg0gFVEEcPh2btNG03Qjcj
Score 3/10
-
-
-
Target
icudt44.dll
-
Size
14.2MB
-
MD5
45a743dc111dfd94b071be81eeb0910d
-
SHA1
5392ab467690b1f18422b294c5e2956363ab166c
-
SHA256
0579cd3f8a7c4584d4d1a22e9269ee2b53eeb2f3912b0bf22a969b2e3e180ab8
-
SHA512
557c88fe06cd65d1c5a69e594b6044d2764a7537da121d0f65776101e5520d71a38e7724844fe04dc78a83deb86c19a4515b27155ff6faf8de12973c53371794
-
SSDEEP
393216:klCE8Ja8J38JcqtVKmGS3WA0WTC12AZk:jEraX
Score 1/10
-
-
-
Target
icule44.dll
-
Size
247KB
-
MD5
e82bb21dde7bebffaea81abd73ae9944
-
SHA1
b410ee26cc434bb549e09aa111257f8001e69013
-
SHA256
09ef731ba85ece1a0bd76cdf98c38900dbd993ca14e2fa378002ecceb1ac9d7e
-
SHA512
c649d7c12f32acb27c3b7f57d7311a1e3fea97fea1ae6e7e34817663cfe9df0da904e37e3c52f3ab95ab8987929b0355e3b48171a45fcdcd736140575b3cf15e
-
SSDEEP
6144:r/BZ88BjcaQTJAbhPqbdDFGMReiDPQs+RO:r/BK8BjcaQdCPKJGSH
Score 3/10
-
-
-
Target
iculx44.dll
-
Size
99KB
-
MD5
5de6d4eb61c5ab080d2946a2ecf044d4
-
SHA1
c6875fbb8fb362bb572a625426d00f21afdab67e
-
SHA256
a1efded9e14391cabe05de0e625b4026e44b0fd5b78a44a41b44d0a0b4081f8f
-
SHA512
cd98fb94469080340b3468e0949aeed05faea800e9effcb5b68bf9670fcfc165ececbd152a553a41d0e80455f605966339c3710011969f4cc306247c39043ac6
-
SSDEEP
768:DOYT3Gzh07i2ttttyJLjNlU28kmANuaLJ/MAAOjxWqiMuOdl1JjWg5QZqbsZymgN:v3EV82pm2x7id81F5QYmy7y5IVOwV
Score 3/10
-
-
-
Target
icuuc44.dll
-
Size
1.2MB
-
MD5
9053fa6645fbcc6e57e10e415e472d68
-
SHA1
7ddfacbf1d7df2befe0b056836e174d897c4d182
-
SHA256
bce35e6b825bd56673c11081af58f217573a02ddc86a0cee9270362b492a2ff1
-
SHA512
2e593e80c90cc69fee7b90b7c1053ec53f1c4d3938c269b313f8a95e66de503fb0eadcea7718ed92c1dcdbfeb66b5684b84e63dfa113a3827fc25a3b1a376010
-
SSDEEP
24576:O4/EloDiFNIBBCQwHIKSYThyypZiKzk0R5l:O4/moDwNr8Sjdl
Score 3/10
-
-
-
Target
zlib1.dll
-
Size
70KB
-
MD5
26523ebace164f8cfda81e4932b690de
-
SHA1
de64c113d354784b3f1670bc44b2f4cfa9673260
-
SHA256
f184377a93bdd583506a17935acf1b5055f3f5b23701b8d78e2e39113a1f510c
-
SHA512
a66628fcbd11a82899dee088d5a65cb0a60085cb392622e16e2a25dd3e591bffc21211f1c7141e0f5fbc0ca0fe396e5fed3edc819d78b6ab2af539eb2947f4b0
-
SSDEEP
1536:qtS2Goq8LMFgynEcCQ50bnik/yfF8QZeRnToIfA/IOxIOCmbV:lTP50Cz+TBfAxbCmJ
Score 3/10
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
  Credentials from Web Browsers: 1
Unsecured Credentials: 1
  Credentials In Files: 1