General

  • Target

    9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d

  • Size

    5.0MB

  • Sample

    231220-k87zbaaad3

  • MD5

    e6bc4ad7202ba5be391d9f1df0854d92

  • SHA1

    97ac2e5675d4dec5173318041894805ad4558cac

  • SHA256

    9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d

  • SHA512

    f23a77ecf22f36d43faf7d3155e42a2e4b9fce96dff4ab96d94010bd5ad4350e9f271cfecff51df6d7244eaadcd06b6fa0369d5478deef85e719b347af8249a8

  • SSDEEP

    98304:y4zvn3pjWHaZ3kUtyrlfcem0VUc5hYCXRUQvijgie1OfDH+FYEUTVZv5CDkmmSqc:t7n4Ha2yydxfzvxQUYEUTVZ0kfQrk0X

Malware Config

Extracted

Family

smsfactory

C2

http://smartlink.mobilelinks.xyz

Targets

    • Target

      9b79c49f9c3471be37bcb1c7e2c6d11f449d804d114e75b6d3fac0b7695c790d

    • SMSFactory

      SMSFactory is an Android SMS trojan malware first seen in Jun 2022.

    • Acquires the wake lock

    • Reads information about phone network operator.
