Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
270a1s0ssssd7da.exe
-
Size
717KB
-
Sample
200709-pezrb98fx2
-
MD5
131a072bc700105a2c0ab9af7be6bd02
-
SHA1
43018d351cc5edd88dc6535113547e5fc1f02f60
-
SHA256
b215d5e7cf39628497363e29d2dce0475e7180da848f7f6032d1187c78fd16bf
-
SHA512
acfe259f69a3213a44f4cddd01397a336c951d984cd808d3e9c39486e3eec310b40d0baed24c1e089641920c1999e4b8d7888f408aebe5157d429ab4cd70748e
Malware Config
Extracted
\??\M:\Read_Me.txt
http://7rzpyw3hflwe2c7h.onion/?HYABDFGI
http://helpqvrg3cc5mvb3.onion/
Targets
-
-
Target
270a1s0ssssd7da.exe
-
Size
717KB
-
MD5
131a072bc700105a2c0ab9af7be6bd02
-
SHA1
43018d351cc5edd88dc6535113547e5fc1f02f60
-
SHA256
b215d5e7cf39628497363e29d2dce0475e7180da848f7f6032d1187c78fd16bf
-
SHA512
acfe259f69a3213a44f4cddd01397a336c951d984cd808d3e9c39486e3eec310b40d0baed24c1e089641920c1999e4b8d7888f408aebe5157d429ab4cd70748e
Score10/10-
Modifies Installed Components in the registry
-
Drops desktop.ini file(s)
-
Enumerates connected drives
-
Suspicious use of SetThreadContext
-