Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    cb2da95f12635030c237ae01fc61de2283693b82b348f5d099f5d5508604a7d4

  • Size

    1.1MB

  • Sample

    221130-3vfl1sff23

  • MD5

    a97e986c7cb1677f21c04b94d8bf5ad6

  • SHA1

    8ac497688ab1b3cb9323fcb161af9ffd1d758185

  • SHA256

    cb2da95f12635030c237ae01fc61de2283693b82b348f5d099f5d5508604a7d4

  • SHA512

    68590ef8223776476dd50b870430a1211e71152b9bfe4d5f84bce64ad6950ed7946f69b79c2781395c9cbae02183de678e85ff147a13fd4376c6458832e650fa

  • SSDEEP

    768:O/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLw:ORsvcdcQjosnvnZ6LQ1Ew

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      cb2da95f12635030c237ae01fc61de2283693b82b348f5d099f5d5508604a7d4

    • Size

      1.1MB

    • MD5

      a97e986c7cb1677f21c04b94d8bf5ad6

    • SHA1

      8ac497688ab1b3cb9323fcb161af9ffd1d758185

    • SHA256

      cb2da95f12635030c237ae01fc61de2283693b82b348f5d099f5d5508604a7d4

    • SHA512

      68590ef8223776476dd50b870430a1211e71152b9bfe4d5f84bce64ad6950ed7946f69b79c2781395c9cbae02183de678e85ff147a13fd4376c6458832e650fa

    • SSDEEP

      768:O/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLw:ORsvcdcQjosnvnZ6LQ1Ew

    Score
    10/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks