General
-
Target
IPTOOLKIT-main.zip
-
Size
90KB
-
Sample
240422-vlzdrsdg9w
-
MD5
5afef76546fd4594d591683746b45eac
-
SHA1
56afb14dd9e980d4b367eb1f4b2a65155c2693af
-
SHA256
55676694bba4a3b0039f708036ded7a7749039a9aa830dbf159766d5622cb0cc
-
SHA512
d39ee6490d9909c6ec1e4edd22fe312403af85b545d69799f328d28dbbc8303de79381bec07ddf9af2991c067e6380123270a2173ff5fa133c2887d84e0b4fb5
-
SSDEEP
1536:oVJJumLifsMzIlJ0pe1GM27wzekULvAf+hYTT+XkgDAQSDzG6xZ9GjscKd+Suk:oVJJ6NziJ0BJH4fS6T+XkqSDzFEBk1uk
Static task
static1
Behavioral task
behavioral1
Sample
IPTOOLKIT-main/IPTOOLKIT.bat
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
IPTOOLKIT-main/IPTOOLKIT.bat
-
Size
4KB
-
MD5
0ce7a6b2c21f3f15472a20687662625e
-
SHA1
93d69bad32ba246f22ea02a5f5696c34aea292c0
-
SHA256
89fe592e5b40bdd0ff3850893f50d3e178efa6bfaeb7dc64fba4a7d3841327a2
-
SHA512
6d5ebcb5c38b2d56627daaf9b7f262bb95d1dc6871214c207c2daec3f95464f69e50ee70480c97cc4ce1e343a61b3f2c4d49c8b1fefa73ac8b81d20287aa9763
-
SSDEEP
96:krExshDl8df//RcjGgydEDUjZzDffL5oEr6nriXoUi:kreshDetJcjTqEDUjZzbfL5KriYUi
Score
8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-