Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c383fcc36f68b68cf4bc3b9559656f703034a4b8c9de05b481ed1746a92bfb9c
-
Size
97KB
-
Sample
221004-g8sb3sffe5
-
MD5
4330a1fc6d432219aea135fee2849b6d
-
SHA1
b72751a9d9a91b09ff65ea67073a0e96a63b83c7
-
SHA256
c383fcc36f68b68cf4bc3b9559656f703034a4b8c9de05b481ed1746a92bfb9c
-
SHA512
87755270fa13c1b733c2e6fc153a3bdabd93b9af1ce802df529576fa74e67fa23f89171be6b4c8cddd061d8c62c945fdad83cbbdedab5588600058a96a18d7bc
-
SSDEEP
1536:zEPteCB5smGp1xr1KmN0nOmd2yg+Q5CdgL9G6fpqGNDkUQX00nSTom1:zEPxBmp1DN0nGyg9gs9G6fcGlkU2STH1
Static task
static1
Behavioral task
behavioral1
Sample
c383fcc36f68b68cf4bc3b9559656f703034a4b8c9de05b481ed1746a92bfb9c.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
c383fcc36f68b68cf4bc3b9559656f703034a4b8c9de05b481ed1746a92bfb9c
-
Size
97KB
-
MD5
4330a1fc6d432219aea135fee2849b6d
-
SHA1
b72751a9d9a91b09ff65ea67073a0e96a63b83c7
-
SHA256
c383fcc36f68b68cf4bc3b9559656f703034a4b8c9de05b481ed1746a92bfb9c
-
SHA512
87755270fa13c1b733c2e6fc153a3bdabd93b9af1ce802df529576fa74e67fa23f89171be6b4c8cddd061d8c62c945fdad83cbbdedab5588600058a96a18d7bc
-
SSDEEP
1536:zEPteCB5smGp1xr1KmN0nOmd2yg+Q5CdgL9G6fpqGNDkUQX00nSTom1:zEPxBmp1DN0nGyg9gs9G6fcGlkU2STH1
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-