General

  • Target

    7e914b106544ee25bf3969c31156716b

  • Size

    196KB

  • Sample

    240409-ymk5bage33

  • MD5

    7e914b106544ee25bf3969c31156716b

  • SHA1

    6975e0e86bfe68e43363501e63b0236b7582f799

  • SHA256

    60a828dce91a199f720ab96f365be16e704b381eb535985923b2248a800ba0f0

  • SHA512

    ef4e491b23fe85e01a199419c30df35ef2cb6d05e03b300f0ded7b5ffe7d3bf0a0746ef9face10c9382950e675c3d90bb7cc6cdb143c0b0c7e8d9ba6ec946fd6

  • SSDEEP

    1536:sfVLuTnlTTy9uEGe9t2oKLjWlCu8i9pUJANjUSqoWZQnem:sfVLWlTTbEGe9AJKlCvIUuqoWqnb

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      7e914b106544ee25bf3969c31156716b

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
