Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Ripple_Tweaking_utility.exe
-
Size
17.6MB
-
Sample
240224-gs1cracc7z
-
MD5
09bbf6c9f186f844feda5b0ea6be4236
-
SHA1
0cdc3966c6197455cd7b473b2c38b916443f20ea
-
SHA256
1d0e737509249f21cc3d3760d06c7c06595ff1d07cc8311941d64927b80a256f
-
SHA512
2e71420eeae8507342e54c539e3d34d557fc8bf91c73d4c727e9f9e23163037c4269c0c1ddc6124882611cde6439af9f98cbb38af48c6cd4445c1af8425efa06
-
SSDEEP
393216:qqPnLFXlr7gQpDOETgsvfGXgrmg0vEsAUILkY:/PLFXNEQoEiOzye
Malware Config
Targets
-
-
Target
Ripple_Tweaking_utility.exe
-
Size
17.6MB
-
MD5
09bbf6c9f186f844feda5b0ea6be4236
-
SHA1
0cdc3966c6197455cd7b473b2c38b916443f20ea
-
SHA256
1d0e737509249f21cc3d3760d06c7c06595ff1d07cc8311941d64927b80a256f
-
SHA512
2e71420eeae8507342e54c539e3d34d557fc8bf91c73d4c727e9f9e23163037c4269c0c1ddc6124882611cde6439af9f98cbb38af48c6cd4445c1af8425efa06
-
SSDEEP
393216:qqPnLFXlr7gQpDOETgsvfGXgrmg0vEsAUILkY:/PLFXNEQoEiOzye
Score7/10-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
main.pyc
-
Size
7KB
-
MD5
d99e6d77d16c80995d47ebb7074494ae
-
SHA1
9c2de47ea9ac750b857f30c7c749242e4d87bd3a
-
SHA256
ba4f13b093e7fa8896676cdadb78b4f4c8c0bd798138ea6655de8e9601db5408
-
SHA512
298be58985927e08a637ec8043688b476362b5497fbf2ede7f9d337daed3ef3bd29caa1c75e81241dc0144bdcf54920cd27e6d1d75d740ffa1137e1952dc5564
-
SSDEEP
192:wccRPnDD8M7jWdXwVoHVPBk6JJhwCEPt7Mdws+nw:QH/WuVysO2vhPfw
Score3/10 -