General
-
Target
742c1febeb55eb98b4deb688bcd8601ccdd0634650fe388c29cd7c4bf7d5742d
-
Size
1.3MB
-
Sample
241010-chyzqazfjm
-
MD5
cd4ef9811a4af7bcd80ca3e57db56b16
-
SHA1
01c909567d7cd4ef18076f1e7adaa18be9767d19
-
SHA256
742c1febeb55eb98b4deb688bcd8601ccdd0634650fe388c29cd7c4bf7d5742d
-
SHA512
738f5fcd760e80e5576b9bdb3d858fa0f810398de6049c5790dc2ce812b4cd3a232079d419b38ab2885810ddc6395129f3be92db23eebbb5fb423df34fa01e24
-
SSDEEP
24576:T5lYgE3AlP2leJbjpCcxTfdkRJR2c1F9DKBjRHUh+yqZtNcg+:PhE3NeN95SRD2c3cld0PqjNc
Static task
static1
Behavioral task
behavioral1
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/DupInOut.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/DupInOut.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/EULA.rtf
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/EULA.rtf
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/System.Windows.Controls.DataVisualization.Toolkit.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/System.Windows.Controls.DataVisualization.Toolkit.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/WPFToolkit.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/WPFToolkit.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/taglib-sharp.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
DupInOutDuplicateFinderPortable/App/ProgramFiles/taglib-sharp.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
DupInOutDuplicateFinderPortable/DupInOutDuplicateFinderPortable.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
DupInOutDuplicateFinderPortable/DupInOutDuplicateFinderPortable.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
DupInOutDuplicateFinderPortable/Muchos Portables!!!! -.url
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
DupInOutDuplicateFinderPortable/Muchos Portables!!!! -.url
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
DupInOutDuplicateFinderPortable/App/ProgramFiles/DupInOut.exe
-
Size
1.2MB
-
MD5
adf4ee26aa02f6e13b96e0e63bab6c76
-
SHA1
40bc393a1cc8a2a4aad8d4923218374a09eade54
-
SHA256
79ceafcd892910b8bedb9176e511ddfdeef5fd35383eb3a305795a82f75a846a
-
SHA512
6ee054170ce71bb411ed65d9520ea71bf7162aa0ded965d8add393ab0d49aeec8b3aa3ca97093277bca9c4d34b65f51a567b62f9db61a0a65c0a62bac7371bf6
-
SSDEEP
24576:267YNVenV3DUHmXF+Z3iSj3zHV/huMXLPLF7CAvMLn7VFMzFvuicg+fdYkPtEth:F7/3D3V+Z3iSj3zHV/huMXLPLF7CAvMQ
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Target
DupInOutDuplicateFinderPortable/App/ProgramFiles/EULA.rtf
-
Size
10KB
-
MD5
9d965387b280ea706e8c3bed38a11b2e
-
SHA1
f166e40c120c19a55d502faeac2bb4bf797eb8af
-
SHA256
b76436b9c9896bc99be38240a92d809ee316fcfbc3005cf2cc281e925bc07213
-
SHA512
7488ff7464ce36cc29c8738fb8cd9a793dbf6ad596f94a13d2dfbcaaff2a2b8948f5297c89665a44e75030da49c8262c4b00533946a4ac1e5851ae981f79d234
-
SSDEEP
192:MC8OI7ork/bRrxvRMDv7tMY8nKkVVyzfy3ihk62Nre7W4MDEErZ2:r/I7o4T7J2t4yzYA2Ze64MDx12
Score 4/10
-
Target
DupInOutDuplicateFinderPortable/App/ProgramFiles/System.Windows.Controls.DataVisualization.Toolkit.dll
-
Size
250KB
-
MD5
857631afc720b8955b26696e1998ef7f
-
SHA1
ef5c4f8dbf70517d9643543466fc690f0b6f0811
-
SHA256
862acc50a8ed16781c3be98336cd8e49c7778859fd6006f68d1c823f8be425db
-
SHA512
2a048596bfb8682177300adbf0d6df0b6cf5d716ab69ffbd25a01a3f23b59492b16823fb762ca91541bbb9bc82d6ca4d48bba2ff2f2e73cde7df60a9a7fde52f
-
SSDEEP
3072:RGFBcWR7g0T2oF0QkSseut1BjHadJoNT1OuLsnKUFMsoobQvsvqoD:RGr80b0Gu3FadJoNT1OuLuKUdoHg
Score 1/10
-
Target
DupInOutDuplicateFinderPortable/App/ProgramFiles/WPFToolkit.dll
-
Size
446KB
-
MD5
56765db9d5bb0957e0bcd43e48dac999
-
SHA1
a003693df359d52cbf1288279bb1a74640f9c5eb
-
SHA256
870cca9257df7287c30f58b329eadef825db6d7992ea6feb65e5293311e8fa92
-
SHA512
650758c7202a82bc969a89fe7280592967c1e6a389a9f8b83c3e3715335ea669e91fc46fbe7a6487f0a436a8469e7aab926af0c5cdec3b8f735d1548cf02f5a2
-
SSDEEP
12288:b7D+OTvePnOiCndN0OE0Qe1oRxxRSozG1ruos:b7D+OTvrndN0OE0QWlUG1ruos
Score 1/10
-
Target
DupInOutDuplicateFinderPortable/App/ProgramFiles/taglib-sharp.dll
-
Size
479KB
-
MD5
7fd5aa9f5fc1c59b9b37327940274a03
-
SHA1
8e511b8359a3bb32d6c9d84b83a3845cfcc575e6
-
SHA256
e79ca19838b09f4ece43ca178bf767db4fc625268bf2816147bbc57aa6ce5aac
-
SHA512
0c9263ebdaf786a334a90a109872ad022e751a52efb74bbc6d8f2c0179cfac5ccc77663f6f208991376ede0378cb036ad19cd0033ebe59cdef120352c983e4b1
-
SSDEEP
6144:5g9PZ14AIIejScmHqQ9aj4nMRVd3HmPRNe/bQqvzW59XbZ6yLOChycp2bdzwptxH:GNQmKQ9aj4nsd3HOiVvzEZ6Hc2xz
Score 1/10
-
Target
DupInOutDuplicateFinderPortable/DupInOutDuplicateFinderPortable.exe
-
Size
487KB
-
MD5
8e333e2ed1e85be63d1c6466eac8f839
-
SHA1
c913e6d79946b20139903b6372a420350c82bd56
-
SHA256
7f72040e2217f0bdf1c851d256ceaff016ce81270db2e2eb6344880f396e5f26
-
SHA512
7066eaeebf6aac73f6156dec92dba0734bbb75e9cfeffb5733910c768e8cdbd23b30dcbfddf9cc8719db1d479070e2485a84d699fae9f7d0b66f28d898ceed7d
-
SSDEEP
3072:tRHvBKTWHnpx0IT/END9i/7ZhmLsCdF1V98OK15AoCUqX0:thvBGWHnpx02EnhLsst0AoCUd
Score 7/10
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Target
DupInOutDuplicateFinderPortable/Muchos Portables!!!! -.url
-
Size
132B
-
MD5
ea3755b22fc8dff0c051ede0f21f4d94
-
SHA1
1d3a7b0183c4927ba494cd60bf49a77c1c786aea
-
SHA256
894932952f9af3520ed210322ccfff9770e86a1e8fdbfc7e7a5b89dbcf03ec33
-
SHA512
99af953f1606820ddc545c5d78a969a37170d5002b659780415a5be6117e59d739bb8d584b4a8bfbb43dff28c2c89bfceb54f0cba935021313195c385b0fe040
Score 1/10