Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
10Static
static
3144755cf70...72.exe
windows7-x64
10144755cf70...72.exe
windows10-2004-x64
9$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3InterVpn/b...x2.exe
windows7-x64
9InterVpn/b...x2.exe
windows10-2004-x64
9InterVpn/b...ns.exe
windows7-x64
10InterVpn/b...ns.exe
windows10-2004-x64
9InterVpn/b...-2.dll
windows7-x64
3InterVpn/b...-2.dll
windows10-2004-x64
3InterVpn/b...-1.dll
windows7-x64
3InterVpn/b...-1.dll
windows10-2004-x64
3InterVpn/b...sl.exe
windows7-x64
1InterVpn/b...sl.exe
windows10-2004-x64
3InterVpn/b...ui.exe
windows7-x64
1InterVpn/b...ui.exe
windows10-2004-x64
3InterVpn/b...pn.exe
windows7-x64
1InterVpn/b...pn.exe
windows10-2004-x64
3InterVpn/b...rv.exe
windows7-x64
1InterVpn/b...rv.exe
windows10-2004-x64
3OpenVPN64/...32.dll
windows7-x64
1OpenVPN64/...32.dll
windows10-2004-x64
1OpenVPN64/...-2.dll
windows7-x64
1OpenVPN64/...-2.dll
windows10-2004-x64
1OpenVPN64/...-1.dll
windows7-x64
1OpenVPN64/...-1.dll
windows10-2004-x64
1Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
22/12/2024, 12:27
Static task
static1
Behavioral task
behavioral1
Sample
144755cf70a3ef6c0212c49645891c53ce926ad7e3e626016023d6aecc484372.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
144755cf70a3ef6c0212c49645891c53ce926ad7e3e626016023d6aecc484372.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20241010-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
InterVpn/bin/InterVpn/intervpnmix2.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
InterVpn/bin/InterVpn/intervpnmix2.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
InterVpn/bin/InterVpn/vruns.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
InterVpn/bin/InterVpn/vruns.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
InterVpn/bin/liblzo2-2.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
InterVpn/bin/liblzo2-2.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
InterVpn/bin/libpkcs11-helper-1.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
InterVpn/bin/libpkcs11-helper-1.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
InterVpn/bin/openssl.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
InterVpn/bin/openssl.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
InterVpn/bin/openvpn-gui.exe
Resource
win7-20241010-en
Behavioral task
behavioral22
Sample
InterVpn/bin/openvpn-gui.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
InterVpn/bin/openvpn.exe
Resource
win7-20241010-en
Behavioral task
behavioral24
Sample
InterVpn/bin/openvpn.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
InterVpn/bin/openvpnserv.exe
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
InterVpn/bin/openvpnserv.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
OpenVPN64/bin/libeay32.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
OpenVPN64/bin/libeay32.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
OpenVPN64/bin/liblzo2-2.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
OpenVPN64/bin/liblzo2-2.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
OpenVPN64/bin/libpkcs11-helper-1.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
OpenVPN64/bin/libpkcs11-helper-1.dll
Resource
win10v2004-20241007-en
General
-
Target
InterVpn/bin/openvpnserv.exe
-
Size
31KB
-
MD5
ad4eb6a3fb038c2e215bb06262d4009a
-
SHA1
9410b1d326a47b166e36d38436ef6fbb6bda572f
-
SHA256
778e25079650d094337df094f4c262528c7d983ead52194795b4b033c17686ae
-
SHA512
6dc640730a5724de687b805699e51595a1f08b16bc1596564b89cd580deee7478113a4296c3de677f96d4501f4f40a4e36d7d4c1f6993d4dbb7199b0e6edfa14
-
SSDEEP
384:jWZZlmdx9bg7uB2iqfs+xCVaqBCikOGeafT3s7fDWuMBDKBrjQF+CvST5tvDGbK0:jWrlmlbx2XOzAlfra8BD43uwDGbKg1v
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language openvpnserv.exe