General
-
Target
18d2e4f6447a2828af50dfa11b7276dc0a9b1e668aa719f306b67713e4abc320
-
Size
100KB
-
Sample
221003-w7c84aahe4
-
MD5
6539d3590896029cbb8d51c227335c04
-
SHA1
22ac714a5bf20da19e119261765151cb1b8ed77e
-
SHA256
18d2e4f6447a2828af50dfa11b7276dc0a9b1e668aa719f306b67713e4abc320
-
SHA512
8600d010e3d9b8578c3f36b7b2d46bd24e31b774b9973e469f7a135624449a8630cd0884015c8b19adc65864c3f76825c51ba3aabac97360808d5487925c54db
-
SSDEEP
1536:4+MjEj2oj74gr4YKydLv7B8omtxvdL8/63zf1d9zatcXpnugmBEfk9ok7J9Kmqh5:4+5K0EgrbKy7i/vxV3zNdEpEfmnTF9
Static task
static1
Behavioral task
behavioral1
Sample
18d2e4f6447a2828af50dfa11b7276dc0a9b1e668aa719f306b67713e4abc320.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
18d2e4f6447a2828af50dfa11b7276dc0a9b1e668aa719f306b67713e4abc320
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-