General

  • Target

    cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1

  • Size

    37KB

  • Sample

    231114-xj6q6see9s

  • MD5

    0ecc699966b9511377c4f55c663de3f5

  • SHA1

    05016cc58fcb5ce71efa7ec068e6011a24ebd272

  • SHA256

    cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1

  • SHA512

    d13dd526f18a96e8bf2512b2d63ac5f6ef3f2c42354fbd089a5503c3a1f79271775f27ecba2cc545addc5a3396bff1c75794fef6280126cb89bfe4c0f9e15772

  • SSDEEP

    768:vaULlJmmFmP1WE5GhbIYuBJV0bAQY4cs+p5EFnniFJzup6rwp:vPJmmFmP1WKUbt4J6vLip5EFnniFk6rM

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    astanginamopo08159as

Targets

    • Target

      cbf4a5b2f16f7a410ee9448cdb836e6bd2cc91bc83cd0dec06c9e945cb6b6cd1

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application
