Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2e9e752eb5829cd16d71a52eebd302c0N.exe
-
Size
96KB
-
Sample
240817-hv8mksshqe
-
MD5
2e9e752eb5829cd16d71a52eebd302c0
-
SHA1
9aa59c56ee3008b2a302770cce3c138627342d9f
-
SHA256
08a036244da521e3d27dd1ec9e32f49c599781f85b83391f57d965de829dc12a
-
SHA512
7af11054ee681f7294706e05da55fb934a7f4d89d63c41676c9d81757b60e25fb8b89fcdcbda0dd3905206744aae8b1b3bca483121282e2f0483c14a9d415b2b
-
SSDEEP
768:p/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJi+vBU6u7DPQ1TTGfGYc+px:pRsvcdcQjosnvng6uQ1JW
Static task
static1
Behavioral task
behavioral1
Sample
2e9e752eb5829cd16d71a52eebd302c0N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2e9e752eb5829cd16d71a52eebd302c0N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
Protocol: ftp- Host:
ftp.tripod.com - Port:
21 - Username:
griptoloji - Password:
741852
Targets
-
-
Target
2e9e752eb5829cd16d71a52eebd302c0N.exe
-
Size
96KB
-
MD5
2e9e752eb5829cd16d71a52eebd302c0
-
SHA1
9aa59c56ee3008b2a302770cce3c138627342d9f
-
SHA256
08a036244da521e3d27dd1ec9e32f49c599781f85b83391f57d965de829dc12a
-
SHA512
7af11054ee681f7294706e05da55fb934a7f4d89d63c41676c9d81757b60e25fb8b89fcdcbda0dd3905206744aae8b1b3bca483121282e2f0483c14a9d415b2b
-
SSDEEP
768:p/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJi+vBU6u7DPQ1TTGfGYc+px:pRsvcdcQjosnvng6uQ1JW
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-