General
Target: 79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4
Size: 72KB
Sample: 240807-3pyweawdrr
MD5: c46fca6ff68caad23653cdf0b073aeb3
SHA1: 7bf11f110c32a96a1298acdbd8bf49e2f1722aeb
SHA256: 79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4
SHA512: 1df92748144df08386e9977b4c4f3153f5c53dd37e6c4f2884a0a7cb053352ea52c17fba053c63f4054e5b1e751e58bb10cd483e5c9609113160f424a890254c
SSDEEP: 1536:EQTIubHy5wQcNZgHLl7qJc2fiMIRZprDa8ibxBeO:d4wPNaLlqy2MtDMBx
Static task: static1
Behavioral task: behavioral1
  Sample: 79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
  Protocol: ftp
  Host: ftp.tripod.com
  Port: 21
  Username: onthelinux
  Password: 741852abc
Targets
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL