General

  • Target

    b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6

  • Size

    64KB

  • Sample

    221205-w774gahd5t

  • MD5

    edf92f3f42d6cb634254b384c8c214de

  • SHA1

    18d42a714fa8a1fd2178e762ea8f5a02a4ec88f2

  • SHA256

    b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6

  • SHA512

    263af274f7133527bf2f44d786851a827c3d3091a76cd8310fde9d559fe1bc22eab870cfdf9ecef0b3644f8639d1912fc8374dc82a30e4a0d24a8e2463eaa6e6

  • SSDEEP

    768:6/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLh:6RsvcdcQjosnvnZ6LQ1Eh

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      b8aa601a8170430b2aa72e1cf172041089a673972ec16a2ea4c43168ececdaf6

    Score
    10/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
