General
-
Target
b55babb61855d0260785015a5c9012ddb8d0c32dd546628185501c02110620f4
-
Size
134KB
-
Sample
221003-a5bftsheb2
-
MD5
63bb3c2d39e6ddc30875756287307b5a
-
SHA1
395ce593e1ec99bd3aa8253e381a97b433303b73
-
SHA256
b55babb61855d0260785015a5c9012ddb8d0c32dd546628185501c02110620f4
-
SHA512
14e9a5ee203ff30130d4e9c624755545e871f563e9a5bab7a6bf6cb346c0ae02797abd04bcbb94dbefd0919d5233f1ad13d28723ebbc7040c23a0cd9f83cfdc9
-
SSDEEP
3072:4lxgFcefiGfm/XS9m6KDxslZ7VJjqAjawR9B/nY:wWFefj6KD6pVpqAjdnP
Static task
static1
Behavioral task
behavioral1
Sample
b55babb61855d0260785015a5c9012ddb8d0c32dd546628185501c02110620f4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b55babb61855d0260785015a5c9012ddb8d0c32dd546628185501c02110620f4.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
pony
http://mail.yaklasim.com:8080/ponyf/gate.php
http://116.122.158.195:8080/ponyf/gate.php
http://endsleepapnea.com/ponyf/gate.php
http://iecho-mobility.com/ponyf/gate.php
-
payload_url
http://ftp.alldailyspecial.com/1VW1.exe
http://crenail.de/9SvYM.exe
http://eclay.netwiz.net/hgXV.exe
Targets
-
-
Target
b55babb61855d0260785015a5c9012ddb8d0c32dd546628185501c02110620f4
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-