General
Target: f7ff365b9d69717a32a4450c7879de1bd630ef81cd67ca04ee85675a554ffe7d
Size: 34KB
Sample: 240411-e61vbscd56
MD5: f6da37246aa95224ea6d393617093e19
SHA1: b760d39479438372eba98e2801b30c1e9561e18f
SHA256: f7ff365b9d69717a32a4450c7879de1bd630ef81cd67ca04ee85675a554ffe7d
SHA512: f547e5686236e3d8006f0be8bd2a9db65e25c63c97cd15fbef47341fb60e3bacf8e51478aa08de0c78aa688f7b231dd32101f4a0fb74553b72474a711b3a05e0
SSDEEP: 768:9qSqC8+N5ozQQLncwxWmNXMX3cX8wtgg/X/zCtgcgCEX8u/vSXrXrXrXrXrXyHX:9rqfzQQLamN88Fr277777YX
Static task: static1
Behavioral task: behavioral1
Sample: f7ff365b9d69717a32a4450c7879de1bd630ef81cd67ca04ee85675a554ffe7d.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f7ff365b9d69717a32a4450c7879de1bd630ef81cd67ca04ee85675a554ffe7d.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
Target: f7ff365b9d69717a32a4450c7879de1bd630ef81cd67ca04ee85675a554ffe7d
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL