General
Target: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
Size: 35KB
Sample: 220919-1t9glabae4
MD5: 86b3f75e24062507cff7fcf59ebc860e
SHA1: c696747e2225fe4a559cc9ef97a545cbe9bd47c2
SHA256: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
SHA512: 4f10b565bb6e638fc7d2208453e1cd3068ad7352720169ebaeeae16d1c1415682478c8d017c115227761521968d7424a080cee956ce59ec0f2347fdd9d2c4493
SSDEEP: 768:mzQYScGrIubHuYtvdxwYHw5FAe2QPncwxwb:gQTIubHy5wQPw
Static task: static1
Behavioral task: behavioral1
Sample: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
Target: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
Score: 10/10
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL