General

  • Target: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
  • Size: 35KB
  • Sample: 220919-1t9glabae4
  • MD5: 86b3f75e24062507cff7fcf59ebc860e
  • SHA1: c696747e2225fe4a559cc9ef97a545cbe9bd47c2
  • SHA256: 5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
  • SHA512: 4f10b565bb6e638fc7d2208453e1cd3068ad7352720169ebaeeae16d1c1415682478c8d017c115227761521968d7424a080cee956ce59ec0f2347fdd9d2c4493
  • SSDEEP: 768:mzQYScGrIubHuYtvdxwYHw5FAe2QPncwxwb:gQTIubHy5wQPw

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol: ftp
  • Host: ftp.tripod.com
  • Port: 21
  • Username: onthelinux
  • Password: 741852abc

Targets

    • Target

      5f45e9f78b3d5975cd3e3d9c7e4d53ee37f5fe8fe9d38ca18d3e4733cf9ae730
    • Executes dropped EXE
    • Checks computer location settings
      Looks up country code configured in the registry, likely geofence.
    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks