Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
nigger.rar
-
Size
7.8MB
-
Sample
241012-25g26a1arq
-
MD5
f84dcf3e1e37765e2a17b92f6ea2be08
-
SHA1
8f0486c45bd92530efbcbe7c470df0e242a224d4
-
SHA256
975a3f80c603be02363042159fc630fc58cd303c1f8cda3f18d4e44783cd47d1
-
SHA512
2a9f2ea715343fb577bd35da754db04d9e1e275866bcf4e3d17c035199ecdac1401a993991af497aa6102755c511028d4940a6ae348e3773d364fc1ecc3a0335
-
SSDEEP
196608:e7yYhyaGYmitsJ/bdtha2T+eUIn6+QK5yozcGwgw0uyp:e7KDYwXIjF+5lXU0
Static task
static1
Behavioral task
behavioral1
Sample
BouncyCastle.Cryptography.dll
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
Guna.UI2.dll
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
HtmlAgilityPack.dll
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
Newtonsoft.Json.dll
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
QhtbqjQkwerkQM.exe
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
itextsharp.dll
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
BouncyCastle.Cryptography.dll
-
Size
6.5MB
-
MD5
569d36975315143faa1c72b12090dfff
-
SHA1
3f56bc9b78f64e9a0202955d8aca5cb07f07e06f
-
SHA256
aec227154fc549739ff5a07920723641f773ce65d05dca70b215183c93e9641d
-
SHA512
b20a4ab3f0efb65465cfb3f7ba6432bacdae2066c2eef4fa3f9b90a96ee5f9d4618ec3786f6c798f1552a89e7036d336e3fe0cf6f0986bcdf5b9e3879e60921b
-
SSDEEP
98304:DEQWfdkCgJOnpVp1lFer1mLLaCaunWf9ZEX4Ghp+A3NEo2O0xDe1BvuqgoRVIVCB:QfdkCHzufMX4Gbce1Juq1YCnUAP6fV4
Score1/10 -
-
-
Target
Guna.UI2.dll
-
Size
2.1MB
-
MD5
c19e9e6a4bc1b668d19505a0437e7f7e
-
SHA1
73be712aef4baa6e9dabfc237b5c039f62a847fa
-
SHA256
9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
-
SHA512
b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
-
SSDEEP
49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score1/10 -
-
-
Target
HtmlAgilityPack.dll
-
Size
167KB
-
MD5
f3ed692636aa3dbde89f4ae22f5c9efb
-
SHA1
320041117ff2fbc5e2966c7142a8f6b5c023ef8b
-
SHA256
0e8f209cb150b97b99f4788a1a1366eac3d5d3d028dedf7179c8c19d12aab84f
-
SHA512
a9b9ea43ec3958b7b590b3490b8a4304d48467428b47f541179b12d081d2db67671dadfaa93bde4dcfb6fa4869de6bf94d93e436370b8ddb155436496bc0f9ee
-
SSDEEP
3072:w5jLyrlbn3NuZVyGKjBLquLJyrdo35YMFDZerN+wF8LE:XduZY9JyJopYJo
Score1/10 -
-
-
Target
Newtonsoft.Json.dll
-
Size
695KB
-
MD5
195ffb7167db3219b217c4fd439eedd6
-
SHA1
1e76e6099570ede620b76ed47cf8d03a936d49f8
-
SHA256
e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
-
SHA512
56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
-
SSDEEP
12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score1/10 -
-
-
Target
QhtbqjQkwerkQM.exe
-
Size
5.0MB
-
MD5
e28cb70214fc11f606c7708eaf920741
-
SHA1
5e67d40dc3f42d654388ad048665b009e88f2d4a
-
SHA256
f89b044aaf8dbafb39cf1181b01ee5d1b244601c0f35a926076a39ae64e95572
-
SHA512
6f7ac34bf85391de49750acc01c992718d1c7445cd70f20d36f8e5ff231b28c68c0ad6077e60156c5506ce63cf28c3700f8481ee80f11dffcfbaefbd9006fcd1
-
SSDEEP
98304:yFD2T0y2F/F/wVQlCro//irEuTHtllllllllI3qm:Ig0yO5wmlao/6rEukF
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
itextsharp.dll
-
Size
2.5MB
-
MD5
7406e36a768e1bd36a19c79e5a0ebd4f
-
SHA1
315ba19be03148e57ed2a36cc00178e86059f978
-
SHA256
2b7d6afcff85f529b968bfecd8a1f35612281b913c9b450469331edd2051c109
-
SHA512
715c281461247af07dfe223a48261826e1e0ffee5d104434e0585dacf0a2de404efd1ce31674165d5d2abe9e3b1be34c08e53ff6497982efcc82c93f771cb96c
-
SSDEEP
24576:mbxtY1IMr8qOpmdByweqobc/ha3xRVxrslQK8zMgO3V99/ULzW/hYPOCBJoyq1eT:yxtYR8fGkyVQK8FpJoyq1epmf9jEH3q
Score1/10 -