General
Target: b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6
Size: 64KB
Sample: 221205-w774gahd5t
MD5: edf92f3f42d6cb634254b384c8c214de
SHA1: 18d42a714fa8a1fd2178e762ea8f5a02a4ec88f2
SHA256: b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6
SHA512: 263af274f7133527bf2f44d786851a827c3d3091a76cd8310fde9d559fe1bc22eab870cfdf9ecef0b3644f8639d1912fc8374dc82a30e4a0d24a8e2463eaa6e6
SSDEEP: 768:6/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLh:6RsvcdcQjosnvnZ6LQ1Eh
Static task: static1
Behavioral task: behavioral1
Sample: b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: griptoloji
Password: 741852
Targets
Target: b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6
Score: 10/10
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL