General
Target: 2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac
Size: 261KB
Sample: 240422-y4xjnsfg32
MD5: b280a941718b0d6c468b980cf564bc02
SHA1: 28aa7dce945a19ddb2b28c8468e55d22ac5d5d81
SHA256: 2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac
SHA512: 596a5e5ed2ccdccdd247093ac294a88de0a7425781d182480a8e7c7b81745e5e398c2ed9678abc1c79b1a822632139b49fc175edfda0a0938780ae77e5dd5611
SSDEEP: 3072:O7BMvaWjzrLXQQJKgmSBAVpet2Ago1lMZ9:saaWjz/gGKgmS+k2ai
Static task: static1
Behavioral task: behavioral1
Sample: 2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
Target: 2ecc067ae4df0251c5c1fb582d0d4855b2561c00577e9b987a5c36d0b8a8caac
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL