General
Target: e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3
Size: 89KB
Sample: 220919-pnqazsggc6
MD5: c23796485337acadb13e02480bf06059
SHA1: 71fab61154104cc1fb80bf94be5310beef0de4c5
SHA256: e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3
SHA512: 993c098e4da88034936135ccc55591d38b3eaaa97ed756d0811f32fba48d46c945312ac9ac1eb24f011bf13d6a73a34b7d2790c00586656d18d0171123bfbe44
SSDEEP: 1536:e5GJEhlcbW5sk1BlfLvveIbXWm+nwN6JKzs5gwCt4J6v43NzCl7/Hs3U3mRhshHK:EGu9BlfzWIbXWm+w0Jb5jJ6W1uMEztUP
Static task: static1
Behavioral task: behavioral1
Sample: e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
Protocol: ftp
Host: gupiao.laden.biz
Port: 21
Username: user1961642
Password: mBZcfyJQ
Targets
Target: e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory