General

  • Target

    a81ffdcae2361909fe16e35e60e2481a73e0ae16a4bbe4b550b88f3147a4c7d6

  • Size

    5.1MB

  • Sample

    231220-m5nglsfdh3

  • MD5

    8c780bfa9f87c14aded1b219e04c83f9

  • SHA1

    1d3decd5e7f05e53efd500093842c7a0f856847c

  • SHA256

    a81ffdcae2361909fe16e35e60e2481a73e0ae16a4bbe4b550b88f3147a4c7d6

  • SHA512

    6fa8fc1abf5bb3c7942a7c1704329a0f6fcf520299e319d4f4b01c0c02d17a45c8120c06e4a2ba8d1c2620b2df1299799afb1062d53d82d93f5903a67f6312f6

  • SSDEEP

    98304:pz/9XzDc7pax2K27Fi5Ab08kr1uouVVPWOs6xP1tR+hNh77qQJDcQUh276inSqf8:pz/9XzXx2KqB0BpSbpRin+QoChfoi+

Malware Config

Extracted

Family

smsfactory

C2

http://smartlink.mobilelinks.xyz

Targets

    • Target

      a81ffdcae2361909fe16e35e60e2481a73e0ae16a4bbe4b550b88f3147a4c7d6

    • SMSFactory

      SMSFactory is an Android SMS trojan first seen in June 2022.

    • Acquires the wake lock

    • Reads information about the phone network operator.
