General
Target: 2f7cbaacf1abfa89a85b62f61710e23c9260c287935a9237254a1fd7b77fff91
Size: 97KB
Sample: 221201-f1xq6agf67
MD5: b0254639b2067499a3e76ec51cc5bd83
SHA1: 876b944ef465af2b091aa18f49e1c3a6359079cc
SHA256: 2f7cbaacf1abfa89a85b62f61710e23c9260c287935a9237254a1fd7b77fff91
SHA512: 24dcb6d52ef1644e842dfa9ee80b883bbc60dbb0bf9c895442e0efe1b90d1f287d7eb00370d9712fbff26898b3a5c662d5b994fedc7864bb69438ed345f1469e
SSDEEP: 1536:zEjU7N5DIhDvb38/fIaDfQyrMHdJnlFNGnl6P7d8m/2f:QjU7N5DI9vUIaDfvMHdJslEd8m/
Static task: static1
Behavioral task: behavioral1
Sample: 2f7cbaacf1abfa89a85b62f61710e23c9260c287935a9237254a1fd7b77fff91.exe
Resource: win7-20220812-en
Malware Config
Extracted
pony
http://115.47.49.181/xSZ64Wiax/ojXVZBxRQVfp6gAUziCGnB8V7Aikbs0Z.php
Targets
Target: 2f7cbaacf1abfa89a85b62f61710e23c9260c287935a9237254a1fd7b77fff91
Deletes itself
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.