General
-
Target
6db6ac1ce8f946e0b441c1a1be1b0f094cef331231ae4f9d58b30e3e353145be
-
Size
148KB
-
Sample
221129-phwwksbg9v
-
MD5
8fa1825810977b3f875a88de9d757453
-
SHA1
1d5d3b3cb8312ec72fba34f4d11ca52e212cc88d
-
SHA256
6db6ac1ce8f946e0b441c1a1be1b0f094cef331231ae4f9d58b30e3e353145be
-
SHA512
f2da58ab80b8f51ea218ea3f20d414b4532325bde9378c3626ee6b455a863412e6e96da424051f16a320b3ca2d811a4030210adfe5a63bbc19c4196c0327b24c
-
SSDEEP
3072:KA2hCdFXayYEf4B3UptTDYiYC5p5vWwYn9k:7MCbayFfaeCirpQn9
Static task
static1
Behavioral task
behavioral1
Sample
6db6ac1ce8f946e0b441c1a1be1b0f094cef331231ae4f9d58b30e3e353145be.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://209.59.223.57/ponyd/gate.php
http://204.145.80.32/ponyd/gate.php
Targets
-
-
Target
6db6ac1ce8f946e0b441c1a1be1b0f094cef331231ae4f9d58b30e3e353145be
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-