Overview
Task scores (out of 10)
overview: 7
static: 7
v/9PbHH.dll (windows7-x64): 7
v/9PbHH.dll (windows10-2004-x64): 7
v/Skin.dll (windows7-x64): 5
v/Skin.dll (windows10-2004-x64): 5
v/VEzOD.dll (windows7-x64): 7
v/VEzOD.dll (windows10-2004-x64): 7
v/War3Shout.exe (windows7-x64): 5
v/War3Shout.exe (windows10-2004-x64): 5
v/pe.dll (windows7-x64): 5
v/pe.dll (windows10-2004-x64): 5
v/v.exe (windows7-x64): 7
v/v.exe (windows10-2004-x64): 3
启动VK.exe (windows7-x64): 7
启动VK.exe (windows10-2004-x64): 7
General
-
Target
3f17c5161c07395d1d4241a666f4e83e_JaffaCakes118
-
Size
4.5MB
-
Sample
241013-ljdvlstgrp
-
MD5
3f17c5161c07395d1d4241a666f4e83e
-
SHA1
a9509ceca32df124b50a1ca971fc48c52aa36809
-
SHA256
cfac663ce6d6b69fa74c1e5dda175f82b4d3e83d4a52da8b0777fa707689211f
-
SHA512
adda297381f7ae61fe10f2740ddcf2b520b590a64b2ceeb1e0aa0b3d9d49bc260084b0371f9e1eb158bf8a73763a01f6281d8c0b31df56201a1e968e86c4937d
-
SSDEEP
98304:1ZqFcd/B9nIVGUZmFyA5sQcAgnVdinjY96j8S61x8nLs9+WPsMZrNf:1HdZRIvZMyKUnVGjroS61an4EWPxZrNf
Behavioral task
behavioral1
Sample
v/9PbHH.dll
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
v/9PbHH.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
v/Skin.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
v/Skin.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
v/VEzOD.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
v/VEzOD.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
v/War3Shout.exe
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
v/War3Shout.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
v/pe.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
v/pe.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
v/v.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
v/v.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
启动VK.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
启动VK.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
v/9PbHH.dll
-
Size
2.2MB
-
MD5
137a8d46464c7b6647f72c5eb45419fa
-
SHA1
14f7f6ec079b54a227d68917b5de07996358a41b
-
SHA256
7ccb8b5d3941127c59395e1cba959f9c063d5fd61b75b4e2e7fd293627b196e7
-
SHA512
aac6f38ce21989c4fdad0a29b4669d442ae6856f36bc045efa9dc82e9054bfa562cc71ab4bf3854dccd3655c67fc0f50ed72f6bc6306fe3f96c0da6e1eaac095
-
SSDEEP
49152:F6QzGPQauBHygDa3/B3MXfN8Z3liQFuD8gD9zVpU0JUVY6m4em3AC:UIGIacuB8XF8B49zwsUVhm4e
-
Drops file in System32 directory
-
-
-
Target
v/Skin.dll
-
Size
90KB
-
MD5
343a0dd8583bd6d9c54cd55e123fa190
-
SHA1
57e7ff6d549d5e4ff37cf9c1d5c6ffb1d19451d4
-
SHA256
4aa1d937eff6fe54bcabc5a30f79ac2b4a60c91fe0ed4e5b4b66855ada144908
-
SHA512
c9293b0eb0877cee244c4c511b774ca596b7bb01105e32f7eb7bb11fc811d51bbd1bf356f163374837e80a69f2621d6771e4d03ec6c4bad19652154745718e00
-
SSDEEP
1536:QnimkAvYjZQrxE6jgaSwu/FNpWy9Q6uDuZNBSQ7c/zD+L9YpVuBbqoWuK0Es:QnHQZExnjgaSwuNNpJy6uDCNh7aD+hYO
-
-
-
Target
v/VEzOD.dll
-
Size
904KB
-
MD5
253243efa1f7f981be13536bf0b37ee8
-
SHA1
71456fe201419f4d6003d8ca175ce70a04ae0190
-
SHA256
60b4b829baa82ef80f2f7a5f307480b0d59fb5a1f1d436bb5534143936803308
-
SHA512
a58ae4053d6db9c449d05c58217a2314ef95a6d2eb93e8c0b254b34e18a626f61bfd4400e3d8d99bafe786b693cc7ac06f77fc0800f07f28ea0fced085ec2545
-
SSDEEP
24576:henowC/krhizl52AJdYjwF1OD5spbKzzg:heAhUA/Jpb
-
Drops file in System32 directory
-
-
-
Target
v/War3Shout.exe
-
Size
34KB
-
MD5
5379ba27f462d4d0805461a9c5f7d638
-
SHA1
2ef57fe4bf6b021392d223b17c596b2cfaf3e1dd
-
SHA256
d188663c4cb249c3af45c6cbd31cc01f0a2be206b95c8500e2a96db26134e781
-
SHA512
09884f62784b15c52252dc4789feb6e0d72161e397433834ece06817ba563d17a3aed003ae53f87964075dff3a13d9b3f55fdd45bfdbf7b354e82bc6a405eb2e
-
SSDEEP
768:8/5yKouxljKvAaowrjZKaQ/qYnd6Ck9xg+nBZH2MlwWe:65VouxljKvZnZHNdWMOr
-
-
-
Target
v/pe.dll
-
Size
15KB
-
MD5
9fc93047d88741e9d5382dc7309f7379
-
SHA1
a8a237db66e374f9ed798e481678f9d5f8f80a15
-
SHA256
7fc33b4e2d7e4291a4599ffcbefe2e5772e3d53fbaaad32b54f10e8aada953ce
-
SHA512
86c181aad81a33cc243142ca0a2217e9414ffb5f5769d0538e9522f226840c94cf14ee3c71dcac2365ee6da99f81713cb32478abdf0312181c327aab34404325
-
SSDEEP
192:sDi0J0YW6wt5yZ7H2/UC1aADEprQtUYd7qQJIApg98fbRAQQ/Lt7qozp5ZinaxCV:s20X1Z7/C1BEprQtU6lBDRi/xOhag4K
-
-
-
Target
v/v.exe
-
Size
2.1MB
-
MD5
4f6c09480ef5f7a4adf9179ae871c353
-
SHA1
6186f27d9769460c2327ded74269dbd2c237f1b2
-
SHA256
ea9a07fabd737229a5a230398b40ca2b73ceef44a17d1c52555a339eafd89c41
-
SHA512
f89a4fb314e4f3c8216179ac04c908dd8fa4305c272272af4e6e9b85cd0a3738f7c06e263372e3f15550ba26334480882a31a70863468c4ab2c2ea3b7ead669f
-
SSDEEP
24576:zSHvVDWZnUiwhAC2d2DN5VKXUSCi9wVXLxyLQJNyET/WAcjZRBKRDcL:zYq7dC2d2DN5gXUA9KxyLQRT/9clf4A
Score
7/10
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
启动VK.exe
-
Size
44KB
-
MD5
b9d83695fd09784e44213c62a5f350fc
-
SHA1
e4d822e72d30badae5116263360c6d2ae1aaa819
-
SHA256
e6697e51280e96d33ca7cd8bef7d8590f30e8d01420e4666c5e7a8de8bb3093a
-
SHA512
610fa68978ae298e852e469f31c90038107a170e936c5461f35c658ff2edbe29e4fad89219e0603210ccf7dacc989722842d340495178615b30e93c70b181e8d
-
SSDEEP
384:lBdQaH8DN3lFWqSsToP1lyU0hmtHEL0hmEoP1ly+FWqSsCdQaH8DN3:lBdLcp1gsov9vHELaovJgpdLcp
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-