Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

leping-pdf.exe

windows7-x64

10

leping-pdf.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    27032025_1516_leping-pdf.bat.iso

  • Size

    1.3MB

  • Sample

    250327-sn1cqstxdz

  • MD5

    518c173c6ccfab169e11a58d34ebecc4

  • SHA1

    b06f0edbf46d0ae249104a532da3bf024e37df03

  • SHA256

    25c047be782f1c95576aa6c3cdae9fa1a263fc63fe12851a13013dd7ce067286

  • SHA512

    1f2c4be9d4dc9061750f1f0ed6c5672a685083fff9f7f640ad77b7281e3dd0faa803c840be6538474793d7e0fc1a31a884b403243b03dc55810595bf83db6614

  • SSDEEP

    24576:vdYN58vv/f+yQMUJ6Ailn6b/HlSgxgam9uSaviZtXv:vc5IvnfQN6yldjNtvw

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      leping-pdf.bat

    • Size

      810KB

    • MD5

      4dbd532f919ce1dbf60457cca8305137

    • SHA1

      7daa026d598d7c916006e81701db3f791dc2188b

    • SHA256

      b93de10f4d570997495e31de612f6ff52303dd0c488708b933ae02c2bdd8e274

    • SHA512

      89a073fe4363ad01684bd80d800faf54d04d8b2e1f1c2e26546300be248aff6f3156f7bea7053f5947113fe288ae70e86aa6ca346b5fbd4c3b8eca866a956054

    • SSDEEP

      24576:mdYN58vv/f+yQMUJ6Ailn6b/HlSgxgam9uSaviZtXv:mc5IvnfQN6yldjNtvw

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      9625d5b1754bc4ff29281d415d27a0fd

    • SHA1

      80e85afc5cccd4c0a3775edbb90595a1a59f5ce0

    • SHA256

      c2f405d7402f815d0c3fadd9a50f0bbbb1bab9aa38fe347823478a2587299448

    • SHA512

      dce52b640897c2e8dbfd0a1472d5377fa91fb9cf1aeff62604d014bccbe5b56af1378f173132abeb0edd18c225b9f8f5e3d3e72434aed946661e036c779f165b

    • SSDEEP

      192:eX24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlqSlS:D8QIl972eXqlWBFSt273YOlqz

    Score
    3/10
    discovery
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks