General

  • Target

    download.zip

  • Size

    2.4MB

  • Sample

    241028-xe6klsspej

  • MD5

    a6d34d50e4d15767b1f83baab67c8d48

  • SHA1

    b93b87645bebbd55954ea7dd13e987c260d5553f

  • SHA256

    b5405f7554de66f166fb12da71be38e24af748dfe4c00bee6e727e92a2d3f76a

  • SHA512

    447cd355eb49b193590b7bf83e20f0908069e5f7404c8c24b510129c2fb9d77e0a7d7c1cfb0f0e852176e0dcbc9041d9465619cf5317bf5c23f0320e79bbda81

  • SSDEEP

    49152:ZHcdbUJZ7yjKBsjMLsTHGh9FWJt0tvzrcYeSMVW:FcNjKBcrq9FOaPpeLVW

Malware Config

Targets

    • Target

      ForceCPU.exe

    • Size

      19KB

    • MD5

      b982a103b0d4e0db856026a163124bf3

    • SHA1

      40772be00068bbd394ff0fccd551151a822f3e70

    • SHA256

      2d209c2b823e350c1f1661f87a3a013804302477afe56877f94adbafe7a2e06d

    • SHA512

      214ecdf348e2093e91a489c0541f05eb3356e2531c1840a99d9f727caf1130f5041ccbc6356a7bc31fb4dece927d3fee2fa9e4689d2badbe680fd40104a9d327

    • SSDEEP

      192:fHtIemmfltxD5WLtWwiyT5hNGnYe+PjPxucwwyibSucwwQJk35H0JOqxEV1a//bG:xD5WLZ5qnYPLxoDfoDg+JNY1cAhhv

    Score
    1/10
    • Target

      GA.Analytics.Monitor.dll

    • Size

      52KB

    • MD5

      6f9e5c4b5662c7f8d1159edcba6e7429

    • SHA1

      c7630476a50a953dab490931b99d2a5eca96f9f6

    • SHA256

      e3261a13953f4bedec65957b58074c71d2e1b9926529d48c77cfb1e70ec68790

    • SHA512

      78fd28a0b19a3dae1d0ae151ce09a42f7542de816222105d4dafe1c0932586b799b835e611ce39a9c9424e60786fbd2949cabac3f006d611078e85b345e148c8

    • SSDEEP

      768:7su21mzJ3+LDDke5WcsvOvHOQ+5bQZdKXJccxYi:7qmByvke5Wcs22QRGKLi

    Score
    1/10
    • Target

      HTCTL32.DLL

    • Size

      320KB

    • MD5

      c94005d2dcd2a54e40510344e0bb9435

    • SHA1

      55b4a1620c5d0113811242c20bd9870a1e31d542

    • SHA256

      3c072532bf7674d0c5154d4d22a9d9c0173530c0d00f69911cdbc2552175d899

    • SHA512

      2e6f673864a54b1dcad9532ef9b18a9c45c0844f1f53e699fade2f41e43fa5cbc9b8e45e6f37b95f84cf6935a96fba2950ee3e0e9542809fd288fefba34ddd6a

    • SSDEEP

      6144:Hib5YbsXPKXd6ppGpwpbGf30IVFpSzyaHx3/4aY5dUilQpAf84lH0JYBAnM1OKB:Hib5YbsXioEgULFpSzya9/lY5SilQCfR

    Score
    3/10
    • Target

      PCICHEK.DLL

    • Size

      18KB

    • MD5

      104b30fef04433a2d2fd1d5f99f179fe

    • SHA1

      ecb08e224a2f2772d1e53675bedc4b2c50485a41

    • SHA256

      956b9fa960f913cce3137089c601f3c64cc24c54614b02bba62abb9610a985dd

    • SHA512

      5efcaa8c58813c3a0a6026cd7f3b34ad4fb043fd2d458db2e914429be2b819f1ac74e2d35e4439601cf0cb50fcdcafdcf868da328eaaeec15b0a4a6b8b2c218f

    • SSDEEP

      192:dogL7bo2t6n76RRHirmH/L7jtd3hfwjKd3hfwB7bjuZRvI:dogL7bo2YrmRTAKT0iTI

    Score
    3/10
    • Target

      PCICL32.DLL

    • Size

      3.6MB

    • MD5

      d3d39180e85700f72aaae25e40c125ff

    • SHA1

      f3404ef6322f5c6e7862b507d05b8f4b7f1c7d15

    • SHA256

      38684adb2183bf320eb308a96cdbde8d1d56740166c3e2596161f42a40fa32d5

    • SHA512

      471ac150e93a182d135e5483d6b1492f08a49f5ccab420732b87210f2188be1577ceaaee4ce162a7acceff5c17cdd08dc51b1904228275f6bbde18022ec79d2f

    • SSDEEP

      49152:0KJKmPEYIPqxYdoF4OSvxmX3+m7OTqupa7HclSpTAyFMJa:0KJ/zIPq7F4fmXO8u6kS+y/

    Score
    3/10
    • Target

      SetupHelper

    • Size

      31KB

    • MD5

      45a29924b29cd5881da857104c5554fe

    • SHA1

      75716bfcb46aa02adc1e74369ec60f1c27e309b9

    • SHA256

      b31d4c6a86bad9eaffaa543476261aaa95705fffaaf367a6ab67133c6af5fcfe

    • SHA512

      0ee65dc21bfb5be949a8d96f0d5c04dba70c83988ddf460e9ce18e32eeb27fcb350e85b1ed5951ec2b5b2ad6506fa117fbe5495eabf58756fc66111f52b1b631

    • SSDEEP

      384:/iWwgLJEt/aSoPJY6MQ5h4/upvYHfWuFR7j4XpMQv/upvYHfWuFRhL2pNrZk6kbL:/iQaaSRqhRR2fTEQR2fTH2pN266Hr

    Score
    1/10
    • Target

      TCCTL32.DLL

    • Size

      387KB

    • MD5

      eab603d12705752e3d268d86dff74ed4

    • SHA1

      01873977c871d3346d795cf7e3888685de9f0b16

    • SHA256

      6795d760ce7a955df6c2f5a062e296128efdb8c908908eda4d666926980447ea

    • SHA512

      77de0d9c93ccba967db70b280a85a770b3d8bea3b707b1abb037b2826b48898fec87924e1a6cce218c43478e5209e9eb9781051b4c3b450bea3cd27dbd32c7f3

    • SSDEEP

      12288:OpwbUb48Ju0LIFZB4Qaza4yFaMHAZtJ4Yew2j/bJa+neNQ:epq7BaGIn4BbLneNQ

    Score
    3/10
    • Target

      client32.exe

    • Size

      101KB

    • MD5

      c4f1b50e3111d29774f7525039ff7086

    • SHA1

      57539c95cba0986ec8df0fcdea433e7c71b724c6

    • SHA256

      18df68d1581c11130c139fa52abb74dfd098a9af698a250645d6a4a65efcbf2d

    • SHA512

      005db65cedaaccc85525fb3cdab090054bb0bb9cc8c37f8210ec060f490c64945a682b5dd5d00a68ac2b8c58894b6e7d938acaa1130c1cc5667e206d38b942c5

    • SSDEEP

      768:q78j0+RH6e6XhBBxUcnRWIDDDDDDDDDDDDDDDDADDDDDDDDDDDDDDDDDDDDDDXDU:qwpHLiLniepfxP91/bQxnu

    • NetSupport

      NetSupport is a remote access tool sold as legitimate system administration software.

    • Netsupport family

    • Target

      libssl-3-x64.dll

    • Size

      547KB

    • MD5

      4ad9afd9ff710d89aa7530241771f9d9

    • SHA1

      b0f233fde9ebc6438c66051fd13e89b9d457894a

    • SHA256

      956a4925b8c2a62c7f639e855b1672a162610138f670f1d7ba6ab71ad3d94541

    • SHA512

      28a167cbf7acca2bf36f7c50bc0302fd040812df678d1d36d1fcadbbfadb279444849aad0228c864d6866b00e36c09c2ff9a6a9d867c25b6000384b421a2f8f5

    • SSDEEP

      6144:w5/NMS+7xbMkZThK/uhetwSzJupTJc2pqrbccv+5NDmqhIA3vCePl01sQi7PUYgh:wFNEQYKxtwAJeTJc2pmUD/v01sQigLW

    Score
    1/10
    • Target

      msvcr100.dll

    • Size

      755KB

    • MD5

      0e37fbfa79d349d672456923ec5fbbe3

    • SHA1

      4e880fc7625ccf8d9ca799d5b94ce2b1e7597335

    • SHA256

      8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18

    • SHA512

      2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630

    • SSDEEP

      12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z

    Score
    3/10
    • Target

      pcicapi.dll

    • Size

      32KB

    • MD5

      34dfb87e4200d852d1fb45dc48f93cfc

    • SHA1

      35b4e73fb7c8d4c3fefb90b7e7dc19f3e653c641

    • SHA256

      2d6c6200508c0797e6542b195c999f3485c4ef76551aa3c65016587788ba1703

    • SHA512

      f5bb4e700322cbaa5069244812a9b6ce6899ce15b4fd6384a3e8be421e409e4526b2f67fe210394cd47c4685861faf760eff9af77209100b82b2e0655581c9b2

    • SSDEEP

      768:JFvNhAyi5hHA448qZkSn+EgT8ToDXTVi0:JCyoHA448qSSzgIQb

    Score
    3/10
    • Target

      remcmdstub.exe

    • Size

      62KB

    • MD5

      6fca49b85aa38ee016e39e14b9f9d6d9

    • SHA1

      b0d689c70e91d5600ccc2a4e533ff89bf4ca388b

    • SHA256

      fedd609a16c717db9bea3072bed41e79b564c4bc97f959208bfa52fb3c9fa814

    • SHA512

      f9c90029ff3dea84df853db63dace97d1c835a8cf7b6a6227a5b6db4abe25e9912dfed6967a88a128d11ab584663e099bf80c50dd879242432312961c0cfe622

    • SSDEEP

      1536:Tf6fvDuNcAjJMBUHYBlXU1wT2JFqy9BQhiK:D6f7cjJ4U4I1jFqy92hiK

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks
