General

  • Target

    Ripple_Tweaking_utility.exe

  • Size

    17.6MB

  • Sample

    240224-gs1cracc7z

  • MD5

    09bbf6c9f186f844feda5b0ea6be4236

  • SHA1

    0cdc3966c6197455cd7b473b2c38b916443f20ea

  • SHA256

    1d0e737509249f21cc3d3760d06c7c06595ff1d07cc8311941d64927b80a256f

  • SHA512

    2e71420eeae8507342e54c539e3d34d557fc8bf91c73d4c727e9f9e23163037c4269c0c1ddc6124882611cde6439af9f98cbb38af48c6cd4445c1af8425efa06

  • SSDEEP

    393216:qqPnLFXlr7gQpDOETgsvfGXgrmg0vEsAUILkY:/PLFXNEQoEiOzye

Malware Config

Targets

    • Target

      Ripple_Tweaking_utility.exe

    • Size

      17.6MB

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      d99e6d77d16c80995d47ebb7074494ae

    • SHA1

      9c2de47ea9ac750b857f30c7c749242e4d87bd3a

    • SHA256

      ba4f13b093e7fa8896676cdadb78b4f4c8c0bd798138ea6655de8e9601db5408

    • SHA512

      298be58985927e08a637ec8043688b476362b5497fbf2ede7f9d337daed3ef3bd29caa1c75e81241dc0144bdcf54920cd27e6d1d75d740ffa1137e1952dc5564

    • SSDEEP

      192:wccRPnDD8M7jWdXwVoHVPBk6JJhwCEPt7Mdws+nw:QH/WuVysO2vhPfw

    Score
    3/10
