General

  • Target

    AppGitHub.zip

  • Size

    18.3MB

  • Sample

    240713-spe37awcqk

  • MD5

    526421765b748500c1b072c5b097ff90

  • SHA1

    6a6be0e73d4979d22296e114f2d489017ba7a12f

  • SHA256

    28920b251fd161078a26e57de5f95eb6710b5f4b64363cb5340182532e315d30

  • SHA512

    a5bc3c6f7d4085fd1db17f3a53cba2c753b0ebb554b2022c9c05b823d881527b71d2838b84c671a3e18c73dd3bde5da6b8c0a4009e6b39871e0170769a2c9bef

  • SSDEEP

    393216:5IUqyga2Szz9xDmRbF6cprklcbe462pVBwsVGVuO/Xg+:50ygB8nc5nqlcy46QBwsVWXH

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    94.156.8.173
  • Port:
    21
  • Username:
    anonymous
  • Password:
    anonymous@

Targets

    • Target

      AppGitHub/App.exe

    • Size

      24.2MB

    • MD5

      e9375068b29318e25281d4fa36b2bf31

    • SHA1

      bbf93b5d9aa19293df332caf8866e5ad9b871787

    • SHA256

      964ed02573d0cf5741deda31cd7051e15d491a39aa610c5362e244832cc104bc

    • SHA512

      37dfb04705b74b9d5e09f7082c5da42b724d02e594ea215aa857f64b2a9009ed525992d5e29891a0a55427a355a72e4505ed61b15e733648ee83c39474417009

    • SSDEEP

      98304:IXG4ks4BPCuS3tqRi1jg7AEb/lp+LRpPoTP29Fc6clyzl/pdlOXwIJbYSTK460fs:MJHXhVTWNDu1ka2IUi+bBV3tE+EDaW6

    Score
    10/10
    • Executes dropped EXE

    • Suspicious use of SetThreadContext
