Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

_internal/LIBPQ.dll

windows7-x64

1

_internal/LIBPQ.dll

windows10-2004-x64

1

_internal/...Qt.dll

windows7-x64

1

_internal/...Qt.dll

windows10-2004-x64

1

_internal/...40.dll

windows7-x64

1

_internal/...40.dll

windows10-2004-x64

1

_internal/..._1.dll

windows7-x64

1

_internal/..._1.dll

windows10-2004-x64

1

_internal/...th.dll

windows7-x64

1

_internal/...th.dll

windows10-2004-x64

1

_internal/...re.dll

windows7-x64

1

_internal/...re.dll

windows10-2004-x64

1

_internal/...us.dll

windows7-x64

1

_internal/...us.dll

windows10-2004-x64

1

_internal/...er.dll

windows7-x64

1

_internal/...er.dll

windows10-2004-x64

1

_internal/...ui.dll

windows7-x64

1

_internal/...ui.dll

windows10-2004-x64

1

_internal/...lp.dll

windows7-x64

1

_internal/...lp.dll

windows10-2004-x64

1

_internal/...on.dll

windows7-x64

1

_internal/...on.dll

windows10-2004-x64

1

_internal/...ia.dll

windows7-x64

1

_internal/...ia.dll

windows10-2004-x64

1

_internal/...ts.dll

windows7-x64

1

_internal/...ts.dll

windows10-2004-x64

1

_internal/...rk.dll

windows7-x64

1

_internal/...rk.dll

windows10-2004-x64

1

_internal/...fc.dll

windows7-x64

1

_internal/...fc.dll

windows10-2004-x64

1

_internal/...GL.dll

windows7-x64

1

_internal/...GL.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    manuskript-0.16.1-windows.zip

  • Size

    85.6MB

  • Sample

    241213-3qcpka1pgt

  • MD5

    9a63d0ac0c26bd16901818ba8c31ceaa

  • SHA1

    2e159aab2b182c260378d4ce5d08123366767e65

  • SHA256

    7b789067fc92947c089c7bd54324742156f04d7a2d670de4e5170c87abf72f3d

  • SHA512

    a05245e6e967968b929f4372b0715ab6fa823996f350aa505f2a51de4390c56b67dbba3442defe3f7c7890267b84ef38b21e7db41af30cd2c90d294e0602e7d2

  • SSDEEP

    1572864:rYdZ6BJVzh0/wUGyA0graeYOj5adEbeKnGc9pY1c4o:rYuLu/hGTjs4eKGcrV

Score
10/10
warmcookiebackdoorpyinstaller

Malware Config

Extracted

Family

warmcookie

Targets

    • Target

      _internal/LIBPQ.dll

    • Size

      283KB

    • MD5

      d448812c0806981e7e0587e8169cf6f2

    • SHA1

      e859313f5f60e2b96a4470c2ae10f134c4b2c535

    • SHA256

      e3ad50c1b4bdfe37f62539c8a8386100933c1273981c54fc748669f5b01be419

    • SHA512

      e8a727d49f5e2785c5d6b1af63e303e85ad65a2ec7f211901da59cfd32097e8fbf8a0a5ce72ef8da448ccacc51bec9576917ea07577a58414aed321a00b7c59a

    • SSDEEP

      6144:Dq/XnHBwK+f9ZO/immLqUfI43z7U8r7apSOOB8trbs:rf9ZO/imm+uQhO4s

    Score
    1/10
    behavioral1behavioral2

    • Target

      _internal/PyQt5/Qt.pyd

    • Size

      12KB

    • MD5

      ef9483654389e5e5d48fe39e0f1bbeaa

    • SHA1

      673d6da99fc631dfb4be49e86fbb930dd6a704f9

    • SHA256

      07c651503e69b7ec813b98db2b1b68b3cc69b9162ffbdfadc2c16315bed8ce85

    • SHA512

      f2ff5c9a231e877edcc2a7d0cc071491ed915820310445131d023655671aa194acb6320d465b3deb932137e346a9c1e52c0e26a5ac49e3504358eb3136529ed6

    • SSDEEP

      192:pJP70YzcUpM9WsAu3a4YP9TfgkSQFMzARFgkqBAD/MXs:/70YzcUp7uY9D2QmEHeBAg

    Score
    1/10
    behavioral3behavioral4

    • Target

      _internal/PyQt5/Qt5/bin/MSVCP140.dll

    • Size

      576KB

    • MD5

      01b946a2edc5cc166de018dbb754b69c

    • SHA1

      dbe09b7b9ab2d1a61ef63395111d2eb9b04f0a46

    • SHA256

      88f55d86b50b0a7e55e71ad2d8f7552146ba26e927230daf2e26ad3a971973c5

    • SHA512

      65dc3f32faf30e62dfdecb72775df870af4c3a32a0bf576ed1aaae4b16ac6897b62b19e01dc2bf46f46fbe3f475c061f79cbe987eda583fee1817070779860e5

    • SSDEEP

      12288:xI88L4Wu4+oJ+xc39ax5Ms4ETs3rxSvYcRkdQEKZm+jWodEEVh51:xD89rxZfQEKZm+jWodEEP5

    Score
    1/10
    behavioral5behavioral6

    • Target

      _internal/PyQt5/Qt5/bin/MSVCP140_1.dll

    • Size

      30KB

    • MD5

      0fe6d52eb94c848fe258dc0ec9ff4c11

    • SHA1

      95cc74c64ab80785f3893d61a73b8a958d24da29

    • SHA256

      446c48c1224c289bd3080087fe15d6759416d64f4136addf30086abd5415d83f

    • SHA512

      c39a134210e314627b0f2072f4ffc9b2ce060d44d3365d11d8c1fe908b3b9403ebdd6f33e67d556bd052338d0ed3d5f16b54d628e8290fd3a155f55d36019a86

    • SSDEEP

      384:rOY/H1SbuIqnX8ndnWc95gW3C8c+pBj0HRN7bULkcyHRN7rxTO6iuQl9xiv:yYIBqnMdxxWd4urv

    Score
    1/10
    behavioral7behavioral8

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Bluetooth.dll

    • Size

      534KB

    • MD5

      2c7a3f9a9158dc733e3053f2d2678f6f

    • SHA1

      6eb9f9849d2d901739c79c2fd7832e77860c8afb

    • SHA256

      13617d6112c31f91d8f69771fadd7819f957fbd957afe34e090c9c45e0dfdf30

    • SHA512

      dde9e4b21e6b9d6ba31a6ac917e26ab5350652dc21038fde04ad660d50f61634d2858bb3ecd55cc8a10bfe92098938cbce0bdd4475534f2aa541bbde04ac2bf6

    • SSDEEP

      12288:2uHPEWA+tJeWIHe/Q6JfFRj9r0Iju/W38tDZR2sjjzXlMt:2ucStJeCzFRj9r0Iju/W38tDZR2sjjI

    Score
    1/10
    behavioral10behavioral9

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Core.dll

    • Size

      5.7MB

    • MD5

      817520432a42efa345b2d97f5c24510e

    • SHA1

      fea7b9c61569d7e76af5effd726b7ff6147961e5

    • SHA256

      8d2ff4ce9096ddccc4f4cd62c2e41fc854cfd1b0d6e8d296645a7f5fd4ae565a

    • SHA512

      8673b26ec5421fce8e23adf720de5690673bb4ce6116cb44ebcc61bbbef12c0ad286dfd675edbed5d8d000efd7609c81aae4533180cf4ec9cd5316e7028f7441

    • SSDEEP

      98304:hcirJylHYab/6bMJsv6tWKFdu9CLiZxqfg8gwf:+irJylHFb/QMJsv6tWKFdu9CL4xqfg8x

    Score
    1/10
    behavioral11behavioral12

    • Target

      _internal/PyQt5/Qt5/bin/Qt5DBus.dll

    • Size

      426KB

    • MD5

      0e8ff02d971b61b5d2dd1ac4df01ae4a

    • SHA1

      638f0b46730884fa036900649f69f3021557e2fe

    • SHA256

      1aa70b106a10c86946e23caa9fc752dc16e29fbe803bba1f1ab30d1c63ee852a

    • SHA512

      7ba616ede66b16d9f8b2a56c3117db49a74d59d0d32eaa6958de57eac78f14b1c7f2dbba9eae4d77937399cf14d44535531baf6f9db16f357f8712dfaae4346a

    • SSDEEP

      6144:ZLvnUJ17UTGOkWHUe/W9TgYMDu96ixMZQ8IlXbKgp8aIDeN:KP7cGOGegTwu96ixMZQtlrPN

    Score
    1/10
    behavioral13behavioral14

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Designer.dll

    • Size

      4.3MB

    • MD5

      c4351384c469750009e5464dd773019a

    • SHA1

      9f114bac87af2e0598790cf3298ca7bdfafdfe21

    • SHA256

      807e2b399048bc482e1a96f10669387f5f27542ca1b1d8dbcbaeabe53055752a

    • SHA512

      6199af25e0224b7288d4b84b9677bad7cffce64f6bcd7b46817823887f94894fa764e1fb31eb300b5f1afc64ccf433e71db2ed28044f2001cc1715cb20433944

    • SSDEEP

      98304:wriDM0a/9ul3ttbU/pQP2xlEeOCGfmcQWmvHWd/52/:wriDM0a/9ul3ttbcQOx4CUmcQWmvGU/

    Score
    1/10
    behavioral15behavioral16

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Gui.dll

    • Size

      6.7MB

    • MD5

      47307a1e2e9987ab422f09771d590ff1

    • SHA1

      0dfc3a947e56c749a75f921f4a850a3dcbf04248

    • SHA256

      5e7d2d41b8b92a880e83b8cc0ca173f5da61218604186196787ee1600956be1e

    • SHA512

      21b1c133334c7ca7bbbe4f00a689c580ff80005749da1aa453cceb293f1ad99f459ca954f54e93b249d406aea038ad3d44d667899b73014f884afdbd9c461c14

    • SSDEEP

      49152:9VPhJZWVvpg+za3cFlc61j2VjBW77I4iNlmLPycNRncuUx24LLsXZFC6FOCfDt2/:BJZzI1ZR3U9Cxc22aDACInVc4Z

    Score
    1/10
    behavioral17behavioral18

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Help.dll

    • Size

      418KB

    • MD5

      6faab9f54169b33f970a2ce0ae8ead06

    • SHA1

      0ee3071737827204feb6fdaeb5a4a9a01eb43ec0

    • SHA256

      e976997b615403842437e46053412fe571377443631d7bec99ff5c2c7e00a5cc

    • SHA512

      d35a3e41c68b160c8e475a04888ba9397f029e4a091335ed7080ee917b70a42f0cbe9161b16a27c37e730701936798c2e195e3921b6dae13b838b41617e932d2

    • SSDEEP

      6144:W5OU+lG3LViV3hMkkAGdFxBsVn3uhIb4kW4XJjnK2xKDgpywUoVXqXrarUPtGBf2:W5OEViVRMpAv3uh+4kzKmKafzu6g

    Score
    1/10
    behavioral19behavioral20

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Location.dll

    • Size

      1.6MB

    • MD5

      3e8f0d7a97856a7a4fab71ce11d0c46e

    • SHA1

      2402efd8e996dd45f10a42f6d0d5dba9427d9d57

    • SHA256

      e25d5470ebf057743e9a427358aa1f13b661442eddbd695d20ac421a97e19a40

    • SHA512

      c37bb5535906afae12d317408e11e91514178b0b74fa08f17d7c7c47963367a4f8768721bf2d156af2193366dc79630729bbb082f11950c14205521519f3c9f0

    • SSDEEP

      49152:IkbrrRuQFClXJLeYyj+LZ1s3yoqKYe+Ok:InQgLz

    Score
    1/10
    behavioral21behavioral22

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Multimedia.dll

    • Size

      728KB

    • MD5

      01df79071f9da0b9b7bda3db7fdc8809

    • SHA1

      6944acc06f8691a27aa0833d29f0389f0e036bf0

    • SHA256

      1a59ae2a9ff768ad6bfb888fe3dd2544e238f0b28da83cf375ebd803ce713dc4

    • SHA512

      486d3f93e56ab50e0c9937e3472762946afdbb28279818d42081f5784f3af2df6d55253d4cf4839601058dcefb5e543144b91b4572bed96ca9926a0a2afe5711

    • SSDEEP

      6144:jLIJMPFfMerCs1uXdHbbbboLxywnY9jnvQz5dm9mMhI/p5PQCf3FR19EjqD0jKds:j+MPFfMervUXzYeg/mR4G

    Score
    1/10
    behavioral23behavioral24

    • Target

      _internal/PyQt5/Qt5/bin/Qt5MultimediaWidgets.dll

    • Size

      99KB

    • MD5

      d5cab2d254f3b55f1b8a30a7dfc4789a

    • SHA1

      d1a517dff6032e5c05bef8ecd0497e6dd7ea76e9

    • SHA256

      16b8154863b3abfc94051e10feef5046b0d643e6d7de62d3271082a7b32f51bd

    • SHA512

      b9922c3edb319f6a72212e483d4a32a28dc3ce11d804bf3682bb8504b181a6904bb8c0967bd01cf49035076b05f2a5a4f4f92aed59aadbfa8b386bd0d5cf8042

    • SSDEEP

      1536:00ShKD7tQ1XzYs8xehNjOcs0qbC34SPEG5Bh85MMUmstqksDyWC43Ufq:OkxCXFdXxsJCISsG5OMMdmqksOWTV

    Score
    1/10
    behavioral25behavioral26

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Network.dll

    • Size

      1.3MB

    • MD5

      3569693d5bae82854de1d88f86c33184

    • SHA1

      1a6084acfd2aa4d32cedfb7d9023f60eb14e1771

    • SHA256

      4ef341ae9302e793878020f0740b09b0f31cb380408a697f75c69fdbd20fc7a1

    • SHA512

      e5eff4a79e1bdae28a6ca0da116245a9919023560750fc4a087cdcd0ab969c2f0eeec63bbec2cd5222d6824a01dd27d2a8e6684a48202ea733f9bb2fab048b32

    • SSDEEP

      24576:eXPn73RXox1U9M0m+1ffSDY565RzHUY1iaRy95hdGehEM:+7hXU1U95m4ff9A5RviaRy9NGI

    Score
    1/10
    behavioral27behavioral28

    • Target

      _internal/PyQt5/Qt5/bin/Qt5Nfc.dll

    • Size

      134KB

    • MD5

      5f716ed3647adc9d0a844965dbd4d581

    • SHA1

      b19d2d500b1749d92fb6682d7b32746d0d0d1e5b

    • SHA256

      242ff8ae380f658e22a0d2c6d7c5cee6dec84be897196990a6839032a50473fc

    • SHA512

      edc4a93f989add9ddede5f7210d9da892480812f4bddacffc25a54c509dd9f79575cd4b73076d842c6fb77d713dab33f461770f485c2c754fdd35afc4d100dd3

    • SSDEEP

      1536:RL6wCE3f4DGkatVrkqTyBWXd/NpXD+HeN0Iqv+T9JAo/2YXtbDXNF3g4tdChjw9q:RLUUfE/YECd/j3L3g4tCU9q

    Score
    1/10
    behavioral29behavioral30

    • Target

      _internal/PyQt5/Qt5/bin/Qt5OpenGL.dll

    • Size

      313KB

    • MD5

      b1f29ea399c173c50c64ffca5f13dc7f

    • SHA1

      4a039aff59f34bae66aa24a0c349059795bf13b2

    • SHA256

      0e179470446a14c3706182d88fc95e5c066957c3752defdd6d3649ae877c87a2

    • SHA512

      0b95e7209cdbb1e977860e8a41e73c5232e682ef111a34a57762fa6bc83d8c3126bcd38069e1d8fb72703f356608f98c103717377493d41e0f4eb5caa024d79b

    • SSDEEP

      6144:dtqkKC7BjQV5eR1b+yRWsJQnNfckNI+STEDC4nkml+T/6qhdDqvJbb9fv:HRFe5en+gWUCNTF9fv

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

backdoorpyinstallerwarmcookie
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10