General

  • Target: db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
  • Size: 150KB
  • Sample: 221019-1drxlshecj
  • MD5: 919b2b1b92e8b165ef29740134b74cf0
  • SHA1: 88dbc8d1fa65461552b8b7166cd4f83887535ce7
  • SHA256: db3af571f06fabfbbf6420bbefd4fac2b0b42e30b430e8740ba6a25bfe1d4ba2
  • SHA512: 444f38e0a70ea275c37ab9f6776f94cd18bbd9a061d284ac014970c4f97092d226d0c8fe970667b3a28449c936bff67e43a1766bf1a5fb28b727e9c421d6cd8b
  • SSDEEP: 768:hk33Rdt3vQBofYJaX2P8fojSgwFXdOL+vYhSw5fmWfgOFQWbHo7me/c7yA50o:hknRdt3vqoaxqo/wJdMQ2NmQbFQfHcJ

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol: ftp
  • Host: arsensteller1.ucoz.ua
  • Port: 21
  • Username: aarsensteller1
  • Password: 01072000a

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself
