General
-
Target
238bef90919f1fa3cfe6aef075b62504
-
Size
128KB
-
Sample
231231-ccskraccb6
-
MD5
238bef90919f1fa3cfe6aef075b62504
-
SHA1
6a8b70aa0a935c2b0813467440ba682feb6c8e27
-
SHA256
6b2338e022deff88b371d12501d1a749ee447a8044acfbac9db205057d463a19
-
SHA512
d6682448bb38c5a048acc5967609bbbb45009500133ae014039ac2a643fce5f9b95887ce195af011e86b14601cfbdc8e8e3acad746e81be0fbd86049371ec1c7
-
SSDEEP
1536:fE9CgNnZwaecE4sxJjt8jM5rwW8k5BbRusyvk7hC9wW2o+sPwORv7q+aBJLa5:fEJnZwaoeMBwtk9JyswF7nCY5
Static task
static1
Behavioral task
behavioral1
Sample
238bef90919f1fa3cfe6aef075b62504.exe
Resource
win7-20231215-en
Malware Config
Extracted
pony
http://67.215.225.205:8080/forum/viewtopic.php
http://216.231.139.111/forum/viewtopic.php
-
payload_url
http://birdofparadisepub.com/poQYPP.exe
http://www.carddebtgone.com/NW6.exe
http://capital-marketing.me/yqMb.exe
Targets
-
-
Target
238bef90919f1fa3cfe6aef075b62504
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-