General

  • Target

    60c66ae0d17a844ab6d3034a9f0a9250N.exe

  • Size

    58KB

  • Sample

    240819-qvmdcazfqq

  • MD5

    60c66ae0d17a844ab6d3034a9f0a9250

  • SHA1

    50c7e858c68fbb0d0dc140c8b7a6d69856439516

  • SHA256

    48b419b727b3c5fba10eef8e4f359f940a4530c264726d7d2859a4ea1bebfecd

  • SHA512

    8479cf714291b7226ffa104408f3a273661b07d4b7c895b99967b189a76a9d5085e1fadff85005489bcc5fef4facb612afc45012fc1f5858cb3a6380f1bec28b

  • SSDEEP

    768:9qSqC8+N5ozQQlncwxWmNXMX3cX8wtgtzpAXpX8/X/7CUrfbtSqk0j:9rqfzQQlamN8835mv7CUroqk0j

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      60c66ae0d17a844ab6d3034a9f0a9250N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
