General

  • Target

    e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3

  • Size

    89KB

  • Sample

    220919-pnqazsggc6

  • MD5

    c23796485337acadb13e02480bf06059

  • SHA1

    71fab61154104cc1fb80bf94be5310beef0de4c5

  • SHA256

    e7febdc66f0e8106e398a1addd39292b21b3d4b6e3c8e041e1a2f7ae971805f3

  • SHA512

    993c098e4da88034936135ccc55591d38b3eaaa97ed756d0811f32fba48d46c945312ac9ac1eb24f011bf13d6a73a34b7d2790c00586656d18d0171123bfbe44

  • SSDEEP

    1536:e5GJEhlcbW5sk1BlfLvveIbXWm+nwN6JKzs5gwCt4J6v43NzCl7/Hs3U3mRhshHK:EGu9BlfzWIbXWm+w0Jb5jJ6W1uMEztUP

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    gupiao.laden.biz
  • Port:
    21
  • Username:
    user1961642
  • Password:
    mBZcfyJQ

Targets

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
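The four behaviours the sandbox flagged above (dropping into System32, writing a Run key, then executing the dropped EXE and loading the dropped DLL) are the same things an analyst would look for in endpoint telemetry. The following is an added example, not part of the tria.ge report and not tria.ge's signature logic: it runs simple detection rules over a handful of constructed Sysmon-style events. The event shape, the field names and every path and process name in the sample events are assumptions made for illustration, not observations from this sample.

```python
"""Flag the report's four behaviours from constructed Sysmon-style events.

Added example, not part of the tria.ge report. The event format, field
names and all sample paths below are assumptions made for illustration.
"""
import re

# Constructed events in a simplified, assumed Sysmon-like shape, in the
# order they would occur: drop -> persist -> execute -> load.
SAMPLE_EVENTS = [
    {"type": "file_create", "pid": 1234, "image": r"C:\Users\u\sample.exe",
     "path": r"C:\Windows\System32\update.exe"},
    {"type": "file_create", "pid": 1234, "image": r"C:\Users\u\sample.exe",
     "path": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    {"type": "reg_set", "pid": 1234, "image": r"C:\Users\u\sample.exe",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "value": r"C:\Windows\System32\update.exe"},
    {"type": "process_create", "pid": 1240, "ppid": 1234,
     "image": r"C:\Windows\System32\update.exe"},
    {"type": "image_load", "pid": 1240, "image": r"C:\Windows\System32\update.exe",
     "module": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    # Benign noise: a normal process loading a system DLL must not fire.
    {"type": "image_load", "pid": 500, "image": r"C:\Windows\explorer.exe",
     "module": r"C:\Windows\System32\kernel32.dll"},
]

# Run / RunOnce keys under any hive; matched on the key path only.
RUN_KEY_RE = re.compile(r"\\(Run|RunOnce)\\", re.IGNORECASE)
# Files written directly under the System32 directory on any drive.
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)


def analyse(events):
    """Return {behaviour name: [evidence, ...]} for the behaviours seen.

    'Dropped' means any file created earlier in the event stream; a later
    process start or image load of such a file is the dropped-EXE /
    dropped-DLL behaviour. Paths are compared case-insensitively.
    """
    dropped = set()
    hits = {}
    for ev in events:
        kind = ev["type"]
        if kind == "file_create":
            dropped.add(ev["path"].lower())
            if SYSTEM32_RE.match(ev["path"]):
                hits.setdefault("Drops file in System32 directory", []).append(ev["path"])
        elif kind == "reg_set" and RUN_KEY_RE.search(ev["key"]):
            hits.setdefault("Adds Run key to start application", []).append(
                f"{ev['key']} = {ev['value']}")
        elif kind == "process_create" and ev["image"].lower() in dropped:
            hits.setdefault("Executes dropped EXE", []).append(ev["image"])
        elif kind == "image_load" and ev["module"].lower() in dropped:
            hits.setdefault("Loads dropped DLL", []).append(ev["module"])
    return hits


if __name__ == "__main__":
    for name, evidence in analyse(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The rules deliberately key "dropped" on files created earlier in the same trace rather than on path patterns, which is what separates a dropped binary started from System32 from a legitimate system binary living there; the benign explorer.exe event in the sample stays silent for that reason.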
