General

  • Target

    roprorex_1.rar

  • Size

    3.3MB

  • Sample

    240217-kd88wsdd93

  • MD5

    b25fdfa28b4454393ab745b27423ba3f

  • SHA1

    e82347b4bbeb97cdd92b92b3888ee60332ce3ece

  • SHA256

    2379d8a7bb686fbeb4fa1d8abf0ca1ee13a30b793b2bab276971e51e90276f4a

  • SHA512

    d2bd74884385a9147ce7f2e45cc5435668ab551ba702af8decef2ccdbb786aa270970a09162b6f24899296bf72f79a51db933d014b05ec6f44a0a19c2fa07070

  • SSDEEP

    98304:KYRDY2zwXS4UeAzhckLghHHW6OnI98ud1r:0XbAzhcKgB26ndZ

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
