General

  • Target

    0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085

  • Size

    222KB

  • Sample

    231104-nsqa4sbb94

  • MD5

    391650ad3e63c70aba4531f5cfbbea5e

  • SHA1

    3c326d5ba27397e020cc4717a8ef433b2c65a5c4

  • SHA256

    0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085

  • SHA512

    e1bf615c34c1dc496bd78d90affc6fcc04a7d315a87b08a179b01a3d0723768e96c4fb1620a5011fe7f454cbfeea4023385b753decf81129e2913bf5b0ef5b8b

  • SSDEEP

    3072:SwzvOYwVN5YP/aKavT/DvbEvK9aobNI2B+el0LTGzkWJWXVfShNgpNcOJkeaNd1W:UXiP/aK2h9H/B+XgyHo2

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
