General

  • Target

    2e9e752eb5829cd16d71a52eebd302c0N.exe

  • Size

    96KB

  • Sample

    240817-hv8mksshqe

  • MD5

    2e9e752eb5829cd16d71a52eebd302c0

  • SHA1

    9aa59c56ee3008b2a302770cce3c138627342d9f

  • SHA256

    08a036244da521e3d27dd1ec9e32f49c599781f85b83391f57d965de829dc12a

  • SHA512

    7af11054ee681f7294706e05da55fb934a7f4d89d63c41676c9d81757b60e25fb8b89fcdcbda0dd3905206744aae8b1b3bca483121282e2f0483c14a9d415b2b

  • SSDEEP

    768:p/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJi+vBU6u7DPQ1TTGfGYc+px:pRsvcdcQjosnvng6uQ1JW

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      2e9e752eb5829cd16d71a52eebd302c0N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
