Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757
-
Size
69KB
-
Sample
240614-2rbcfsyhqh
-
MD5
968a96b3b6c91d61df46db0de51a3f8c
-
SHA1
a395fa3aed97dfc5039860cdf3a3840b60d0b7df
-
SHA256
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757
-
SHA512
df6bc925e0a59a14f943bf8eade7a8ddff5c5c27be7786da6fb236c84cbb58faca89838e45d8ff4209ada412d1c38017588145cef002d6b141690eb05ebef221
-
SSDEEP
1536:gQTIubHy5wQ5JAejpzkGdxDLw3qMnd1YzHgAB71/pX:R4w6ZpzNdxDL25ELBxX
Static task
static1
Behavioral task
behavioral1
Sample
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
Protocol: ftp- Host:
ftp.tripod.com - Port:
21 - Username:
onthelinux - Password:
741852abc
Targets
-
-
Target
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757
-
Size
69KB
-
MD5
968a96b3b6c91d61df46db0de51a3f8c
-
SHA1
a395fa3aed97dfc5039860cdf3a3840b60d0b7df
-
SHA256
75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757
-
SHA512
df6bc925e0a59a14f943bf8eade7a8ddff5c5c27be7786da6fb236c84cbb58faca89838e45d8ff4209ada412d1c38017588145cef002d6b141690eb05ebef221
-
SSDEEP
1536:gQTIubHy5wQ5JAejpzkGdxDLw3qMnd1YzHgAB71/pX:R4w6ZpzNdxDL25ELBxX
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-