Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

82e3e724c2...ad.exe

windows7-x64

10

82e3e724c2...ad.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    82e3e724c2f8e7e411a9d88797fc0baf3ffdf21d7b2772b5fdf4b7548bf683ad

  • Size

    41KB

  • Sample

    240509-a9172shc4w

  • MD5

    8d027dce08fbf2ff4498fa353d99da40

  • SHA1

    acbe225d7330987895a07b8633ad61b346834c53

  • SHA256

    82e3e724c2f8e7e411a9d88797fc0baf3ffdf21d7b2772b5fdf4b7548bf683ad

  • SHA512

    e98b149daed94264e7860051e5af0882b6f841b71aef8e870cd83decdf35a63bd9329b816f67e6c38b2baab6af22c713ceb42125156cf3ad2ed82f888108c426

  • SSDEEP

    768:xIP5WOMVs4PSV06ymNNC6S7Cm1n2OBGRIWNSE77DPQ1TTGfGYhH:xI0OGrOy6NvSpMZrQ1JG

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:     ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      82e3e724c2f8e7e411a9d88797fc0baf3ffdf21d7b2772b5fdf4b7548bf683ad

    • Size

      41KB

    • MD5

      8d027dce08fbf2ff4498fa353d99da40

    • SHA1

      acbe225d7330987895a07b8633ad61b346834c53

    • SHA256

      82e3e724c2f8e7e411a9d88797fc0baf3ffdf21d7b2772b5fdf4b7548bf683ad

    • SHA512

      e98b149daed94264e7860051e5af0882b6f841b71aef8e870cd83decdf35a63bd9329b816f67e6c38b2baab6af22c713ceb42125156cf3ad2ed82f888108c426

    • SSDEEP

      768:xIP5WOMVs4PSV06ymNNC6S7Cm1n2OBGRIWNSE77DPQ1TTGfGYhH:xI0OGrOy6NvSpMZrQ1JG

    Score
    10/10

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks