General

  • Target

    XMouse_Button_Control_V2.20.5.exe

  • Size

    2.9MB

  • Sample

    241223-1c14wssjbw

  • MD5

    2e9725bc1d71ad1b8006dfc5a2510f88

  • SHA1

    6e1f7d12881696944bf5e030a7d131b969de0c6c

  • SHA256

    2240bf5fb5d80938b0676c46ef9f84bc1739c32f60c473ff85e530ae0eca2818

  • SHA512

    62bd9cde806f83f911f1068b452084ef2adc01bc0dec2d0f668a781cc0d94e39f6e35618264d8796ca205724725abd40429f463017e6ca5caf7d683429f82d39

  • SSDEEP

    49152:n65SJw48kZN+nCYk7c44+Y0hdwn4Km2A5aT/pVE0hYYajihV2Qso0SWMrboF:tfpeno4oY0QZm2dlNJsrHM4

Malware Config

Targets

    • Target

      XMouse_Button_Control_V2.20.5.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/ExecCmd.dll

    • Size

      4KB

    • MD5

      b9380b0bea8854fd9f93cc1fda0dfeac

    • SHA1

      edb8d58074e098f7b5f0d158abedc7fc53638618

    • SHA256

      1f4bd9c9376fe1b6913baeca7fb6df6467126f27c9c2fe038206567232a0e244

    • SHA512

      45c3ab0f2bce53b75e72e43bac747dc0618342a3f498be8e2eb62a6db0b137fcdb1735da83051b14824996b5287109aa831e5859d6f21f0ed21b76b3d335418c

    • SSDEEP

      48:ifXNtGNjFizsU35iej7luiwa28mDJmDKUOMQH0glay/Aa4r/:5Fef5iej5txKJKenlV4r/

    Score
    3/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      d753362649aecd60ff434adf171a4e7f

    • SHA1

      3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

    • SHA256

      8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

    • SHA512

      41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

    • SSDEEP

      192:3Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijnK72dwF7dBEnbok:3GvdH4qMebzPY2Vijn+BEnbo

    Score
    3/10
    • Target

      $PLUGINSDIR/ShellExecAsUser.dll

    • Size

      7KB

    • MD5

      86a81b9ab7de83aa01024593a03d1872

    • SHA1

      8fd7c645e6e2cb1f1bcb97b3b5f85ce1660b66be

    • SHA256

      27d61cacd2995f498ba971b3b2c53330bc0e9900c9d23e57b2927aadfdee8115

    • SHA512

      cc37bd5d74d185077bdf6c4a974fb29922e3177e2c5971c664f46c057aad1236e6f3f856c5d82f1d677c29896f0e3e71283ef04f886db58abae151cb27c827ac

    • SSDEEP

      96:GFZf6PnleKYcBVGKLyhkrw0qyz/sRXQVgKXohw8FFtkqCp:Gnf6IKTAKLyGOCqQomItQ

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      56a321bd011112ec5d8a32b2f6fd3231

    • SHA1

      df20e3a35a1636de64df5290ae5e4e7572447f78

    • SHA256

      bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    • SHA512

      5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    • SSDEEP

      192:uv+cJZE61KRWJQO6tFiUdK7ckK4k7l1XRBm0w+NiHi1GSJ:uf6rtFRduQ1W+fG8

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      f832e4279c8ff9029b94027803e10e1b

    • SHA1

      134ff09f9c70999da35e73f57b70522dc817e681

    • SHA256

      4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061

    • SHA512

      bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d

    • SSDEEP

      96:ytJ6tC4jcY5rKhkfL9SYdKkcxM2DjDf3GEfKvBKav+Yx4yndY7ndS27gA:yyj6QS8HREf+BYYxbdqn420

    Score
    3/10
    • Target

      BugTrapU-x64.dll

    • Size

      364KB

    • MD5

      80d5f32b3fc515402b9e1fe958dedf81

    • SHA1

      a80ffd7907e0de2ee4e13c592b888fe00551b7e0

    • SHA256

      0ab8481b44e7d2f0d57b444689aef75b61024487a5cf188c2fc6b8de919b040a

    • SHA512

      1589246cd480326ca22c2acb1129a3a90edf13b75031343061f0f4ed51580dfb890862162a65957be9026381bb24475fec6ddcb86692c5961a24b18461e5f1f0

    • SSDEEP

      6144:tv+VkJpn803Q9eg3rX9FudjTLNjGGtOCiKTBObg:tvfJp8aQ9eg3rX9Fudjx5Tk

    Score
    1/10
    • Target

      XMouseButtonControl.exe

    • Size

      1.7MB

    • MD5

      bb632bc4c4414303c783a0153f6609f7

    • SHA1

      eb16bf0d8ce0af4d72dff415741fd0d7aac3020e

    • SHA256

      7cc348f8d2ee10264e136425059205cf2c17493b4f3f6a43af024aecb926d8c8

    • SHA512

      15b34efe93d53e54c1527705292fbf145d6757f10dd87bc787dc40bf02f0d641468b95c571f7037417f2f626de2afcd68b5d82214e27e9e622ab0475633e9de5

    • SSDEEP

      24576:WB9zyuRx7jLNquqvzbsM/m0GNYbOVgmXUWU7mFNeSOML3QaYyipFovO:WBJpf7j+LOVgmXUWU7UDTQaviXo

    Score
    1/10
    • Target

      XMouseButtonHook.dll

    • Size

      1.0MB

    • MD5

      d62a4279ebba19c9bf0037d4f7cbf0bc

    • SHA1

      5257d9505cca6b75fe55dfdaf2ea83a7d2d28170

    • SHA256

      c845e808dc035329a7c95c846413a7afb9976f09872ba3c05dfa5f492156eef0

    • SHA512

      6895a12cddc41bf516279b1235fca238b0b3b0cef2cc25abe14a9160ed23f5bde3d476f885d674537febc7de7eb58b0824d96153c626e1563a5a8a1887fb5323

    • SSDEEP

      24576:k9YEYaUkALnN57d2KiGiccvn+KAUxZswMPOML0MW:FhnrNtScc+KAAZ1MPOML0MW

    Score
    1/10
    • Target

      uninstaller.exe

    • Size

      74KB

    • MD5

      bfffc38fff05079b15a5317e279dc7a9

    • SHA1

      0c18db954f11646d65d0300e58fefcd9ff7634de

    • SHA256

      c4e59737ffd988ef4bc7a62e3316a470b1b09a9889f65908110fba3d7b1c6500

    • SHA512

      d30220e024ac242285ea757006e7da3874e5f889951de226d48c372a6a8701b76d4a917134ecc1e72c6c3a8d43444762288e7134a25d837e9f43d972675c81d6

    • SSDEEP

      1536:fRPYqa5pic6jXFdL2KiMcrgCKdO/LeAyNLs9Y0tIdJVgwkL7U3:pPA6jXFN2Mcr/tTeAt9jidJVnkfU

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/ExecCmd.dll

    • Size

      4KB

    • MD5

      b9380b0bea8854fd9f93cc1fda0dfeac

    • SHA1

      edb8d58074e098f7b5f0d158abedc7fc53638618

    • SHA256

      1f4bd9c9376fe1b6913baeca7fb6df6467126f27c9c2fe038206567232a0e244

    • SHA512

      45c3ab0f2bce53b75e72e43bac747dc0618342a3f498be8e2eb62a6db0b137fcdb1735da83051b14824996b5287109aa831e5859d6f21f0ed21b76b3d335418c

    • SSDEEP

      48:ifXNtGNjFizsU35iej7luiwa28mDJmDKUOMQH0glay/Aa4r/:5Fef5iej5txKJKenlV4r/

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      56a321bd011112ec5d8a32b2f6fd3231

    • SHA1

      df20e3a35a1636de64df5290ae5e4e7572447f78

    • SHA256

      bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

    • SHA512

      5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

    • SSDEEP

      192:uv+cJZE61KRWJQO6tFiUdK7ckK4k7l1XRBm0w+NiHi1GSJ:uf6rtFRduQ1W+fG8

    Score
    3/10
