General

  • Target

    bdf42d1fcbc83b6f51b5ff8eb0a01218d27aa4179c5dcd85e3b5ff938b6544c0

  • Size

    59KB

  • Sample

    240425-c7cg1sdh48

  • MD5

    a9b94a77666a6117bb969cd88250604b

  • SHA1

    7cf8b8e3cc540eef83c621084434aca2d865c9ee

  • SHA256

    bdf42d1fcbc83b6f51b5ff8eb0a01218d27aa4179c5dcd85e3b5ff938b6544c0

  • SHA512

    3043ef9d6ceb4a4b9282beb60ef53245882c8f22683ad6d589c5e0814a83704ccf26b0e0acb64721b33621f1475eba64e9b8381d5e296692f285d43f9b1680d6

  • SSDEEP

    768:9qSqC8+N5ozQQCncwxWmNXMX3cX8wtgtzpAXpX8/X/7CUrfbtS69FH:9rqfzQQCamN8835mv7CUro+B

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
