General

  • Target

    IPTOOLKIT-main.zip

  • Size

    90KB

  • Sample

    240422-vlzdrsdg9w

  • MD5

    5afef76546fd4594d591683746b45eac

  • SHA1

    56afb14dd9e980d4b367eb1f4b2a65155c2693af

  • SHA256

    55676694bba4a3b0039f708036ded7a7749039a9aa830dbf159766d5622cb0cc

  • SHA512

    d39ee6490d9909c6ec1e4edd22fe312403af85b545d69799f328d28dbbc8303de79381bec07ddf9af2991c067e6380123270a2173ff5fa133c2887d84e0b4fb5

  • SSDEEP

    1536:oVJJumLifsMzIlJ0pe1GM27wzekULvAf+hYTT+XkgDAQSDzG6xZ9GjscKd+Suk:oVJJ6NziJ0BJH4fS6T+XkqSDzFEBk1uk

Score
8/10

Targets

    • Target

      IPTOOLKIT-main/IPTOOLKIT.bat

    • Size

      4KB

    • MD5

      0ce7a6b2c21f3f15472a20687662625e

    • SHA1

      93d69bad32ba246f22ea02a5f5696c34aea292c0

    • SHA256

      89fe592e5b40bdd0ff3850893f50d3e178efa6bfaeb7dc64fba4a7d3841327a2

    • SHA512

      6d5ebcb5c38b2d56627daaf9b7f262bb95d1dc6871214c207c2daec3f95464f69e50ee70480c97cc4ce1e343a61b3f2c4d49c8b1fefa73ac8b81d20287aa9763

    • SSDEEP

      96:krExshDl8df//RcjGgydEDUjZzDffL5oEr6nriXoUi:kreshDetJcjTqEDUjZzbfL5KriYUi

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
