General
Target: 4b88d171a18f5c8156eea1a1ec3ea8391aa5270a3b622ec2125b42c4e60b0669
Size: 382KB
Sample: 221010-3ldfasebf9
MD5: 6e0dbe50fc2413946260ec860ae38baa
SHA1: 4ec71f7ed4c69c87b2c9614f0e1b0ba3eadd493f
SHA256: 4b88d171a18f5c8156eea1a1ec3ea8391aa5270a3b622ec2125b42c4e60b0669
SHA512: e7ca1981b33aa645fe7d2abe308ef21bc0fe3ba954b9d2cb148afd3cc9d0554b78b235a208af979f24c5f1532cfbca73bffed185a09dddac04aa34ebe4ec055e
SSDEEP: 6144:Pnl7w3YXj5OqQhi01bPaf1wNT5Ab6+Qd4YA11azRAZYk0IKDMK6Uv:Pn+3GcJ1bSqdw67A11cRAZnqwh8
Static task: static1
Behavioral task: behavioral1
Sample: 4b88d171a18f5c8156eea1a1ec3ea8391aa5270a3b622ec2125b42c4e60b0669.exe
Resource: win7-20220901-en
Malware Config
Extracted
sality
Targets
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.