Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
14a0b8532311d0634a43394ff3f4a8a488cb0f61c6c9dfea54fbbb6d968bd217
-
Size
100KB
-
Sample
221129-h44d8abe21
-
MD5
20bdd7221054b02eeee06314b251edef
-
SHA1
6ba7e9d5dd35064ecf272804a4dc76ea7617dbe9
-
SHA256
14a0b8532311d0634a43394ff3f4a8a488cb0f61c6c9dfea54fbbb6d968bd217
-
SHA512
97602f0b698569c481b42803ca18193056915911f0819455fde2c1235561c4ea21fd957bedbf7ebf04ab144d913eca11ac863599b062bf9531842b61bc26b751
-
SSDEEP
1536:ylfodJxfSTgjTuJS2l8tuXJU8k22mHNR3umNalJBGq9AU8kJBl4KuX6ryqvdqZQ:ylfoduUJ2lDXM+3j8vGq9ABnzq1qZ
Static task
static1
Behavioral task
behavioral1
Sample
14a0b8532311d0634a43394ff3f4a8a488cb0f61c6c9dfea54fbbb6d968bd217.exe
Resource
win7-20220901-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
14a0b8532311d0634a43394ff3f4a8a488cb0f61c6c9dfea54fbbb6d968bd217
-
Size
100KB
-
MD5
20bdd7221054b02eeee06314b251edef
-
SHA1
6ba7e9d5dd35064ecf272804a4dc76ea7617dbe9
-
SHA256
14a0b8532311d0634a43394ff3f4a8a488cb0f61c6c9dfea54fbbb6d968bd217
-
SHA512
97602f0b698569c481b42803ca18193056915911f0819455fde2c1235561c4ea21fd957bedbf7ebf04ab144d913eca11ac863599b062bf9531842b61bc26b751
-
SSDEEP
1536:ylfodJxfSTgjTuJS2l8tuXJU8k22mHNR3umNalJBGq9AU8kJBl4KuX6ryqvdqZQ:ylfoduUJ2lDXM+3j8vGq9ABnzq1qZ
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-