General
Target: teardown.torrent
Size: 86KB
Sample: 240626-p553rsybjj
MD5: d1d744adaabaa1c7c3afe04705d51567
SHA1: ec7f7196e318567221f64f6129d388aaa87e0c61
SHA256: 082cdcb81ac344b77c26c779e8ba21e1d9a1bfd4baf39add124d0f5921f7c3e1
SHA512: 4d9b7e4277a4a8c5c8de4ced518cc142cbba43acd2bdb248bd781d3973f1aab07af92639af64e8ff82dfa3f4f228ebbadcedf8d58b0dc6722a119f8a2826706c
SSDEEP: 1536:ZIsOPc+X+C0dWDakfS1BYAaCd09RcfYiKdpLKwpr7zyP+usapxR/7c81:nI+C0dWekOYNq09RcfqEwpr7zisixFB1
Static task: static1
Behavioral task: behavioral1 (Sample: teardown.torrent, Resource: win7-20240611-en)
Behavioral task: behavioral2 (Sample: teardown.torrent, Resource: win10v2004-20240611-en)
Malware Config
Targets
Target: teardown.torrent
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Hide Artifacts: Hidden Files and Directories
-