Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ce8e77c87ff89a0ff1a1d49d3a36731bcfa22345f6d8f8be874f1f0f564b343e
-
Size
100KB
-
Sample
221206-jvm7babh81
-
MD5
e11ffb6c4537bf748a5116dbda710edd
-
SHA1
90a48637cb61df438c4a6b4b20a4149a968ebf77
-
SHA256
ce8e77c87ff89a0ff1a1d49d3a36731bcfa22345f6d8f8be874f1f0f564b343e
-
SHA512
1ebdc3e842bad43d22ee1037689a874e206da31724e4112e9c018abdbbab8a23610a51ed5ae918cdd24854e56a94ca56ff8ef157a939c92d0cb2e41118bc035c
-
SSDEEP
1536:Sc4hj+ULTD3L3dCO0qh9yBVPF6t2lD7XIOTYP7pt74RvV6UFtYRR/:d4xLTDjIoriVPotWIjzpeb1tYRd
Static task
static1
Behavioral task
behavioral1
Sample
ce8e77c87ff89a0ff1a1d49d3a36731bcfa22345f6d8f8be874f1f0f564b343e.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://115.47.49.181/xSZ64Wiax/ojXVZBxRQVfp6gAUziCGnB8V7Aikbs0Z.php
Targets
-
-
Target
ce8e77c87ff89a0ff1a1d49d3a36731bcfa22345f6d8f8be874f1f0f564b343e
-
Size
100KB
-
MD5
e11ffb6c4537bf748a5116dbda710edd
-
SHA1
90a48637cb61df438c4a6b4b20a4149a968ebf77
-
SHA256
ce8e77c87ff89a0ff1a1d49d3a36731bcfa22345f6d8f8be874f1f0f564b343e
-
SHA512
1ebdc3e842bad43d22ee1037689a874e206da31724e4112e9c018abdbbab8a23610a51ed5ae918cdd24854e56a94ca56ff8ef157a939c92d0cb2e41118bc035c
-
SSDEEP
1536:Sc4hj+ULTD3L3dCO0qh9yBVPF6t2lD7XIOTYP7pt74RvV6UFtYRR/:d4xLTDjIoriVPotWIjzpeb1tYRd
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-