General

  • Target

    2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac

  • Size

    261KB

  • Sample

    240422-y4xjnsfg32

  • MD5

    b280a941718b0d6c468b980cf564bc02

  • SHA1

    28aa7dce945a19ddb2b28c8468e55d22ac5d5d81

  • SHA256

    2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac

  • SHA512

    596a5e5ed2ccdccdd247093ac294a88de0a7425781d182480a8e7c7b81745e5e398c2ed9678abc1c79b1a822632139b49fc175edfda0a0938780ae77e5dd5611

  • SSDEEP

    3072:O7BMvaWjzrLXQQJKgmSBAVpet2Ago1lMZ9:saaWjz/gGKgmS+k2ai

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15