Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0de2ed9d758d38c0140ff807074c378506c85e2c2ba7ec01c2a88d04aff44127
-
Size
133KB
-
Sample
221002-ewkqcsgeg2
-
MD5
7159e151bb9f2385188e973c7cf83fa0
-
SHA1
9ee0051c2ac529823c4a3b6e2fbc2f0d435882a3
-
SHA256
0de2ed9d758d38c0140ff807074c378506c85e2c2ba7ec01c2a88d04aff44127
-
SHA512
60e0a839bce0cdbaaa2715d5e254a67e4cd4be92599eb07692b4967c1c27bae0e608b35bf620bb59a006d5d6e1419793d422d3a10be176bd8e20e08e23cf29b2
-
SSDEEP
1536:xGqK6+wElDXgSlc+Utn2V70Q7ssIMsUK6/n6Cz/2lCPTnyAIvI1s9Khxedeia:w+go+Ut2VlBIKQC+AIcsUmdQ
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
0de2ed9d758d38c0140ff807074c378506c85e2c2ba7ec01c2a88d04aff44127
-
Size
133KB
-
MD5
7159e151bb9f2385188e973c7cf83fa0
-
SHA1
9ee0051c2ac529823c4a3b6e2fbc2f0d435882a3
-
SHA256
0de2ed9d758d38c0140ff807074c378506c85e2c2ba7ec01c2a88d04aff44127
-
SHA512
60e0a839bce0cdbaaa2715d5e254a67e4cd4be92599eb07692b4967c1c27bae0e608b35bf620bb59a006d5d6e1419793d422d3a10be176bd8e20e08e23cf29b2
-
SSDEEP
1536:xGqK6+wElDXgSlc+Utn2V70Q7ssIMsUK6/n6Cz/2lCPTnyAIvI1s9Khxedeia:w+go+Ut2VlBIKQC+AIcsUmdQ
Score10/10-
Modifies firewall policy service
-
Sality
Sality is backdoor written in C++, first discovered in 2003.
-
UAC bypass
-
Windows security bypass
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Windows security modification
-
Checks whether UAC is enabled
-