General

  • Target

    75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757

  • Size

    69KB

  • Sample

    240614-2rbcfsyhqh

  • MD5

    968a96b3b6c91d61df46db0de51a3f8c

  • SHA1

    a395fa3aed97dfc5039860cdf3a3840b60d0b7df

  • SHA256

    75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757

  • SHA512

    df6bc925e0a59a14f943bf8eade7a8ddff5c5c27be7786da6fb236c84cbb58faca89838e45d8ff4209ada412d1c38017588145cef002d6b141690eb05ebef221

  • SSDEEP

    1536:gQTIubHy5wQ5JAejpzkGdxDLw3qMnd1YzHgAB71/pX:R4w6ZpzNdxDL25ELBxX

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      75d3746241bc79b18fccb6f186049c505fcf841dabbbd3bec189dd105a79c757

    Score
    10/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
