General
Target: SamFwToolSetup_v4.8.1.zip
Size: 54.3MB
Sample: 231225-tpe9madehl
MD5: 26ce970ebea86ad5cd7b12f1a15f2c69
SHA1: 43c7d480529c96f0c0e01f1da2ef8d3fe7adeb70
SHA256: bdd9bc27f915980d24297b27a444b2d8cd50d93b40c5da4185daf11aea9d5e4a
SHA512: 30bec66ada9b3446d42255a89c31fe1b0bb2ba5becf14a45a8a9bd4617847c02d8c1d3169b868aeffc4d832f303413f1e1869e5445e866aa567a494ab6ff0e6a
SSDEEP: 1572864:c+HHDp1d3Ed/UYhOvpYL7c8FQ+Eg/JNoCeQ:LHHHd0dTh/c8FQP+zN
Static task: static1
Behavioral task: behavioral1
  Sample: SamFwToolSetup.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: SamFwToolSetup.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: SamFwToolSetup.exe
Size: 54.9MB
MD5: 25db526a01d71287418f0014685f28ed
SHA1: e0d788bcc5540f48e8aa4357c2a0eabc6c3ebf68
SHA256: 4c806ae6ba9909989128c6b2fac18ccb9dab2090dc3941cb24711f1db4be2fb0
SHA512: 12f31fe7eeced9125555e691c8d84070ef818f28db571ae3abed73a53546aaf1f121f9c2ac23175e3c4e257640105bb0c7a2f85013d9a089ccf6050bd476990e
SSDEEP: 1572864:d63HFhdZRARLmKz+pruxp2m7UeC2HPh4umu:o3HVZeRvzb2m7UVq7t
Score: 8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.