Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d6dd07e0696470b56ecd71a5e683baeda33ec9b76cec8d5f8f227b640ba9b5b4
-
Size
100KB
-
Sample
221205-pzl3psbc32
-
MD5
732539e4d3ee058494b62de6bd2833cd
-
SHA1
3b6669ab5d5f783d0994fc61da7859014164f657
-
SHA256
d6dd07e0696470b56ecd71a5e683baeda33ec9b76cec8d5f8f227b640ba9b5b4
-
SHA512
5db54dbd98362c72403bb828848c5ff70baeba0dd96f0d451fe2204a83af73c5d8fe86cef0574b1fbfbbaf0761f01b2ba1a6bac78b538c71eb999465fba2c561
-
SSDEEP
768:O2l0CAcjiI79V0wYzcz4UKACHeAvtF+TheR3pkTmBFbeI0wxTYIJ1Fpieepl+BFJ:BJnpYz4wKhe7cmbaOFFpiZ+bC+PjZAc
Static task
static1
Behavioral task
behavioral1
Sample
d6dd07e0696470b56ecd71a5e683baeda33ec9b76cec8d5f8f227b640ba9b5b4.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
d6dd07e0696470b56ecd71a5e683baeda33ec9b76cec8d5f8f227b640ba9b5b4
-
Size
100KB
-
MD5
732539e4d3ee058494b62de6bd2833cd
-
SHA1
3b6669ab5d5f783d0994fc61da7859014164f657
-
SHA256
d6dd07e0696470b56ecd71a5e683baeda33ec9b76cec8d5f8f227b640ba9b5b4
-
SHA512
5db54dbd98362c72403bb828848c5ff70baeba0dd96f0d451fe2204a83af73c5d8fe86cef0574b1fbfbbaf0761f01b2ba1a6bac78b538c71eb999465fba2c561
-
SSDEEP
768:O2l0CAcjiI79V0wYzcz4UKACHeAvtF+TheR3pkTmBFbeI0wxTYIJ1Fpieepl+BFJ:BJnpYz4wKhe7cmbaOFFpiZ+bC+PjZAc
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-