General
-
Target
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c
-
Size
111KB
-
Sample
221020-kpcn3aebg7
-
MD5
7455896ab4e655eb628435c618364d80
-
SHA1
0c96a78371ee2d802e83ac5b3b6fbb2688342a83
-
SHA256
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c
-
SHA512
7f27af86462dd27cbb000f7af1dc8e5321fe02cebcfdad58d9afa4a4c26bb329d771dd56881fb3a14e0b387aee300d446b6c40f0dba793dabb589ecf00c8a73f
-
SSDEEP
3072:p+5pa0iMc1a8IBD/pgpFTJ8ZKLpm8n3Sva:4iMUKgu81m8Ga
Static task
static1
Behavioral task
behavioral1
Sample
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://gosuccessmode.com/ponyb/gate.php
http://hraforbiz.com/ponyb/gate.php
http://margueritemcenery.com/ponyb/gate.php
http://mceneryfinancial.com/ponyb/gate.php
-
payload_url
http://www.autogabicce.it/Ga7HLjZ.exe
http://ebaa.daa.jp/PePbz1e.exe
http://ftp.paradetrade.com/RkGndP.exe
http://eucert.com/7u5.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-