General
Target: 9720f5b1169f19011a516ce39de34ce8d70be125f0906d5f487ddff02e612ad3
Size: 99KB
Sample: 221206-yq6v7acb3s
MD5: 2ddd7cb13deba1694f611aae34803ff8
SHA1: 680c8b59e3c47d977891f1d6cbba0500234a63dc
SHA256: 9720f5b1169f19011a516ce39de34ce8d70be125f0906d5f487ddff02e612ad3
SHA512: a2dc0d5b95eb2dc595a7e785b7b1422049ad58700691f1d2c432653dab3a3d40f4b3de068c037dab69bcb670ab29ca57e97715dde313d708302a70d55b9e9972
SSDEEP: 3072:pm0UExHPlVCbRXxkYRr2NPEKEOjnluq9xxW:9UEJXCpCYl2aKvn0q9xxW
Static task: static1
Behavioral task: behavioral1
Sample: 9720f5b1169f19011a516ce39de34ce8d70be125f0906d5f487ddff02e612ad3.exe
Resource: win7-20221111-en
Malware Config
Extracted
pony
http://115.47.49.181/xSZ64Wiax/ojXVZBxRQVfp6gAUziCGnB8V7Aikbs0Z.php
Targets
Target: 9720f5b1169f19011a516ce39de34ce8d70be125f0906d5f487ddff02e612ad3
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.