General

  • Target

    abe36bf39d6167eb9c12fcdcf48ef508

  • Size

    1.2MB

  • Sample

    240228-prtgtabe96

  • MD5

    abe36bf39d6167eb9c12fcdcf48ef508

  • SHA1

    496bd18fa6cd505a9e8f075e9a928ff0a2489c56

  • SHA256

    837f62877205239f1fe4da919c60d141c30812018451ace07767895cbf6437d0

  • SHA512

    45288821df6d8fd15195ddba6733262fa0c2918939ba55aa9b3a382883dcd0da7c30692c6c2cfc58be0305c25f36778a4b93bb113247e8a67b8afd4d7d7992a4

  • SSDEEP

    24576:OAHnh+eWsN3skA4RV1Hom2KXMmHax4mkIykTKgm6G+C7X85:5h+ZkldoPK8YaxN1TP+7S

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    files.000webhost.com
  • Port:
    21
  • Username:
    fdhfdcgfgg

Targets

    Score
    10/10
    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
