Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

comet exec...re.dll

windows7-x64

1

comet exec...re.dll

windows10-2004-x64

1

comet exec...ms.dll

windows7-x64

1

comet exec...ms.dll

windows10-2004-x64

1

comet exec...pf.dll

windows7-x64

1

comet exec...pf.dll

windows10-2004-x64

1

comet exec...p1.exe

windows7-x64

1

comet exec...p1.exe

windows10-2004-x64

1

f_000001.js

windows7-x64

3

f_000001.js

windows10-2004-x64

3

f_000003.js

windows7-x64

3

f_000003.js

windows10-2004-x64

3

comet exec...no.dll

windows7-x64

1

comet exec...no.dll

windows10-2004-x64

1

comet exec...64.dll

windows7-x64

1

comet exec...64.dll

windows10-2004-x64

1

comet exec...64.dll

windows7-x64

1

comet exec...64.dll

windows10-2004-x64

1

comet exec...sh.dll

windows7-x64

1

comet exec...sh.dll

windows10-2004-x64

1

comet exec...td.dll

windows7-x64

1

comet exec...td.dll

windows10-2004-x64

1

comet exec...et.exe

windows7-x64

1

comet exec...et.exe

windows10-2004-x64

6

comet exec...is.dll

windows7-x64

1

comet exec...is.dll

windows10-2004-x64

1

comet exec...er.dll

windows7-x64

1

comet exec...er.dll

windows10-2004-x64

1

comet exec...er.dll

windows10-2004-x64

1

comet exec...er.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20705626067.zip

  • Size

    13.6MB

  • Sample

    250115-rq63mavngv

  • MD5

    8703d12d7f010947e014077430816c33

  • SHA1

    0c6afe5835a9e45be5069a9b754fde73517ddee4

  • SHA256

    68ce0596f2dd777965778b1f99874ff65b447c01732e67c856523ae0598e121f

  • SHA512

    f2b49c873873e6ab67ab5716a1212f4c210b28f6474619d35ca8b8bb7f6dcbc69d2dfb0f0775c2b2f2960174d8ef41f9b4d565c25bd5f518afb4ba99bb5e6ea2

  • SSDEEP

    393216:p2fGGat93XymCJ3+YBYqUy/2XY2cwSuvw1uHMjE5P:p2eG2VCV+u87Y2Nbvw1uHMo5P

Score
10/10
skulddiscoveryexecutionpersistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1322398794419015753/NZNEWJwo5JJ1lKwMMwjjMMzRzkgLEEjAnLjtCAVrQHzUKbBfWb1O9aM5Shlyd-Za8Ry1

Targets

    • Target

      comet executor/Comet Executor/Microsoft.Web.WebView2.Core.dll

    • Size

      589KB

    • MD5

      a53ba26a25f78f512cb2f393f9c96463

    • SHA1

      4176d5607859817a0b44a253c34f7edb3a46f21e

    • SHA256

      88a3b62f45225a811cdb85df6dfd95c2bff9a0e43e3b04f813b125eaca56cc9f

    • SHA512

      df1cd812fce4a46cae7f4d59256a12732367d16981b01f1067d58966d6612ae102eaa274fc3c9ac21aeb0422cf09ac1232fbe2b74d1daf6c76489f6e8de16751

    • SSDEEP

      12288:WrCyR/rpQ322fy+uFKcDmuRFNEMzeu+imQ269pRFZNIEJdIEY0lxEIPrEIgcvLc6:Va7

    Score
    1/10
    behavioral1behavioral2

    • Target

      comet executor/Comet Executor/Microsoft.Web.WebView2.WinForms.dll

    • Size

      38KB

    • MD5

      97b823df48a222490e6f5ded50d8bd25

    • SHA1

      12aa63046320aafca64ad00f2bfa42a449ee1737

    • SHA256

      b3a0e4513a9920bead16b5488586211f858ca9091298446e45e4dc8998891208

    • SHA512

      b1e52015b7a66d8d5fff0039b276d7889a707f1f827e2cd1ef9de3c7f7ce1bb4f8611d466993f40e9296ff602caeb685a31ec21ad64d746710e6c9b5d63992df

    • SSDEEP

      768:7HNaz0wClrsoZdQtZDgcEST3p4Jjrjh2je+SG2au8vxJKia5/Zi/ZG4Kzu6bdjUH:5aIvQtZDgcEST3p4Jjrjae+SG2au4xJZ

    Score
    1/10
    behavioral3behavioral4

    • Target

      comet executor/Comet Executor/Microsoft.Web.WebView2.Wpf.dll

    • Size

      81KB

    • MD5

      ea666d4e676af786b0b8d7cbd3cb7aed

    • SHA1

      2f1d0591192852bcbb82a68084c39f90519b8753

    • SHA256

      9367fe5dd7a8a1362544dd22cbf665215aed30abae6da780d5567b01e2d941a3

    • SHA512

      08a2af40eb6931d0920e33ab10bfa09c58bb882b5f59eced21b670fe162f727e23dd732d8f85056bc131a18cfeaa6faaaec9785a35f5b09a6e6b523f30e1cc8f

    • SSDEEP

      1536:2bjmE+c3StQ9azGhp8dYNUDHfFWyEb30mpc4Jjr4YeUqiHhCU0NdnbvUufk/UaTM:2bAc3S+4zyp8yUDHfFC30mpc4Jjr4Yef

    Score
    1/10
    behavioral5behavioral6

    • Target

      comet executor/Comet Executor/WinFormsApp1.dll

    • Size

      10KB

    • MD5

      fb8af0ae662044b367015d2e7c9f24ed

    • SHA1

      843be4e7fde23f4cd6be0593cf9d006de6a1b3cd

    • SHA256

      c294d851870c236e96fcf3496cd5d6e7ead342277d8d7f2c4cb27967492b25c2

    • SHA512

      a09f642f47574fcb7dc5f44bfb01d06961c6c7dcfc23cead2f5fdd1b741336b7b5eda3e33614d8ed7a811596f587a7fe6617f71b925aa3d55ed93294ebc1aa32

    • SSDEEP

      192:JAxCMdKz3E4Bj60Hd1p0Q4NmMwd+ctTuWgkDoMT6uZX1ZsInKoL:JAxCMdKzrBuk/4Ud+ctHgkDoMT6wX8Ro

    Score
    1/10
    behavioral7behavioral8

    • Target

      f_000001

    • Size

      2.0MB

    • MD5

      9399a8eaa741d04b0ae6566a5ebb8106

    • SHA1

      5646a9d35b773d784ad914417ed861c5cba45e31

    • SHA256

      93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18

    • SHA512

      d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8

    • SSDEEP

      24576:SmmBNDw4gCXJkB4nIg2IxhbaeZYIMsNjvit4f:wDw4gCXJk62+aeKIMsNjvit4f

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      f_000003

    • Size

      2.0MB

    • MD5

      9399a8eaa741d04b0ae6566a5ebb8106

    • SHA1

      5646a9d35b773d784ad914417ed861c5cba45e31

    • SHA256

      93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18

    • SHA512

      d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8

    • SSDEEP

      24576:SmmBNDw4gCXJkB4nIg2IxhbaeZYIMsNjvit4f:wDw4gCXJk62+aeKIMsNjvit4f

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      comet executor/Comet Executor/bin/Xeno.dll

    • Size

      958KB

    • MD5

      922e65fd502fedf855422f9343fb88fa

    • SHA1

      12803d54a1c91ba25bae7d924016e0dce667ab15

    • SHA256

      6a1afc9c98761fcd93f1f8878b673af549f3bbe97d6ae3ecb23a080462a41d54

    • SHA512

      b4cb9f19eec8e2d159733f39580e762a7ef74f2e962618d7b8b969bb84e294867890a20c503feea53dc451eb9cd03d41e35c2d5825c16bf730ba4c2081e0a8c2

    • SSDEEP

      12288:2GhQW0to+40OXmwuFyEd/LJgxUZ8ipQsxja67rno+X24KkT0M01/:2GooRpXmhyEWUZ8iQEjv7kj4KkT0

    Score
    1/10
    behavioral13behavioral14

    • Target

      comet executor/Comet Executor/bin/libcrypto-3-x64.dll

    • Size

      4.5MB

    • MD5

      be0f6d1d60e149cedaca33a04963e05f

    • SHA1

      b686e1ed9ae47b8ae803a5d9e912b0e631bc4217

    • SHA256

      81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86

    • SHA512

      7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff

    • SSDEEP

      98304:5l+f+Kv6t8y37re39P6k1CPwDvt3uFGCC:/Cyt8yLre39yk1CPwDvt3uFGCC

    Score
    1/10
    behavioral15behavioral16

    • Target

      comet executor/Comet Executor/bin/libssl-3-x64.dll

    • Size

      802KB

    • MD5

      733e3b58ee1760a442fec4712848c3ad

    • SHA1

      529206caad19cce2424323bc29a9fb9a4bbd3e76

    • SHA256

      159198cb8e740f9ad5918b51503121fd1b7e70460f6a4f6a6aa27576bbfa31c7

    • SHA512

      10835ff09e35d8acb2739707219905b3ae2870af973d8f80040baeb732eb798fa93ef1bc599ad9898aff8e20ee21aa1f5e5e07340eda205aa938fc001cd83a88

    • SSDEEP

      12288:uDYDcpeu9jFBOBJfbudc68KqLie1+jKMwmUxlcdEVB3ks:usM9jFr8OeW5wmNdEVB3k

    Score
    1/10
    behavioral17behavioral18

    • Target

      comet executor/Comet Executor/bin/xxhash.dll

    • Size

      46KB

    • MD5

      70c514826d9428f184d27f0c8f397404

    • SHA1

      e6b0b1a396de9913004d9bcaa230972686416bb6

    • SHA256

      aff59e91d222b75b3e3ac789baba9e24eff99796261ae5e887ef9e3c28bb3d64

    • SHA512

      168c63cbb54865ca42a884fd974291bcadd9dd8cf8bc1980148214e84498af42a590cb3d3a394765ee0b7d2e337fab6e85ff4f85d9ced97b92b540152202a0a6

    • SSDEEP

      768:tziPp7yW4k3QDn24NuDUSu0MKQVMNKuxYAuogba4Mk3Q18swN1WQ8hi6U:tziR74kgDn2rDRuIrN5mAvgbTg18DN1z

    Score
    1/10
    behavioral19behavioral20

    • Target

      comet executor/Comet Executor/bin/zstd.dll

    • Size

      638KB

    • MD5

      5b96fb0d4e6453680da278f5b7e51a29

    • SHA1

      3c96a29248fa3644de2c653a5d97c1e21b13a769

    • SHA256

      1374391dafd6262795243a58f9fb234be859d940683fe756c64692ca807f0478

    • SHA512

      27d06b7182aa48a81cce18f8f7b1bee054f3a862ccebd77d273a67c6a15e5d0ef5ba8fd7430976f445eb8bff51d290f2bb50061ac7ef448255ba8a18b8baf193

    • SSDEEP

      6144:fbauYl+rrR8uT4uB5uWYfO16oMynnjDHMkYHbpk5tRCEybNFZemMBLx4uQ16aSG:fbauYGT5BYMxjDHMk0petRCEyb9emHO

    Score
    1/10
    behavioral21behavioral22

    • Target

      comet executor/Comet Executor/comet.exe

    • Size

      14.8MB

    • MD5

      abab785743320daa11ebdbfe09bbf4af

    • SHA1

      bad5790b6f5a1b59e99b341ebbed30775d89b5f4

    • SHA256

      949c396cb29d99291e39a3e6029480b53511d0f7eebca93ec160a1b23e67b338

    • SHA512

      bb7dc4dfe84a39162fb086e51ea989b7c3cddce9ada75e02391cbb757ed954a909e37ed0f5a79084ebd275a3be717f5f31e141a9693b0705186efd3dcf1ce5cd

    • SSDEEP

      196608:CitOI01DSfgMh0DVmUNzyjaS1imMFMYfJWX+Rk:CiUI4DYomzb1iFMoWX+i

    Score
    6/10
    persistence
    behavioral23behavioral24

    • Target

      comet executor/Comet Executor/cxapis.dll

    • Size

      10KB

    • MD5

      4ae4a4a268ccd36acffa1674ebbf910e

    • SHA1

      b3737ff0d2296a6e5b652af1a4a519f2b336295b

    • SHA256

      910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf

    • SHA512

      5c80f85cdeb634be6986131c974b7a400a6cbac4b33e0a9c0523b679df2fea821322d32c8cb1870d6ad07bb5d1e9c35123cd89724de1a6b359b252ecced567be

    • SSDEEP

      192:UL7yBcpRmejh/vFDXtLwZgCw5c4uvFMURQDWVVUF6:UHyBcpRjjh/NtLwZJwNsMUV46

    Score
    1/10
    behavioral25behavioral26

    • Target

      comet executor/Comet Executor/runtimes/win-arm64/native/WebView2Loader.dll

    • Size

      136KB

    • MD5

      d18bd21907b26ff857e739948eff1087

    • SHA1

      31f6151b66519613be658a9f174f829b3cb3de9f

    • SHA256

      cb561ae4537e39bba5dd8af1f648f189d9562b1003fd110a9e889ace527fb4e8

    • SHA512

      dd1b1655fb19bc34318d1d8464a8c3c5c050e074861ff22bbc6eee71c153cbace80558dbcbbf202556d7246bb345e26e92935758d8f516b6514c211c7cd76517

    • SSDEEP

      3072:/kP23RyMZbrLUnlZxMPm6OSxTVseEtJm8FDcT:MP2ByMZbXUHneEtJ3Fo

    Score
    1/10
    behavioral27behavioral28

    • Target

      comet executor/Comet Executor/runtimes/win-x64/native/WebView2Loader.dll

    • Size

      162KB

    • MD5

      c9a5d0f278d57d83a03404b8baeeac64

    • SHA1

      39d44b999c1d89c36136804a373d4d427bc7d679

    • SHA256

      462b36fd1be6ca9f7563466a89e57c41ef4a4def3e0a84fa885d203aea4a3aaf

    • SHA512

      97dfb08eae34624b7679a4bb07dee242b2a38324dc13b8aaec6de7f6fed477e9f9bc7474d4df9fbe907d1a460723db7177b7128a26edf5bd73d38d4d45722db6

    • SSDEEP

      3072:fXAne8TlTRTSpL1ThTNTRyMDjRb/hy75HGRtVBviiZsZ5AalCPTxiEtJx9eg8Xjm:/yTlTRTUL1ThTNTRyeLq1GRtVBvPZsrw

    Score
    1/10
    behavioral29

    • Target

      comet executor/Comet Executor/runtimes/win-x86/native/WebView2Loader.dll

    • Size

      113KB

    • MD5

      7254e511f7bbc49652079d1bb2c737f1

    • SHA1

      4992f889460da4c97f8f8c33634a0a2f1ce17b76

    • SHA256

      6f59ad578fde1f65c44b6935dab0901f014b5268e056b930fb34c0919f1bf4b9

    • SHA512

      5b40cd18b9b966dba1139befefa341977eebc23d288905d1529e319867ad73b471d9f2c85c6442f310afe981b01db0f01594775aec1a36e3e8fbfc21c8aba19f

    • SSDEEP

      3072:GeCt9WJtX8ri9f2+DP6zmDgqeNZPTLxEtJhAlC0Jf4fm3L:GT9WJtswdSzXVEtJ6Yq2m7

    Score
    3/10
    discovery
    behavioral30

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.