General

  • Target

    79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4

  • Size

    72KB

  • Sample

    240807-3pyweawdrr

  • MD5

    c46fca6ff68caad23653cdf0b073aeb3

  • SHA1

    7bf11f110c32a96a1298acdbd8bf49e2f1722aeb

  • SHA256

    79922108b02999ea4cf97a6821df89101e368fd01c68479a09b5722115d12cf4

  • SHA512

    1df92748144df08386e9977b4c4f3153f5c53dd37e6c4f2884a0a7cb053352ea52c17fba053c63f4054e5b1e751e58bb10cd483e5c9609113160f424a890254c

  • SSDEEP

    1536:EQTIubHy5wQcNZgHLl7qJc2fiMIRZprDa8ibxBeO:d4wPNaLlqy2MtDMBx

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    Score
    10/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
