Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2f276d9ed50155f679afd4833c52dbe0N.exe

  • Size

    543KB

  • Sample

    240822-s64swaveqe

  • MD5

    2f276d9ed50155f679afd4833c52dbe0

  • SHA1

    259d74b2438ef9d8e0184884d53738bce4946f33

  • SHA256

    34798691da76d861471d70aa256c1d4718fa6f83996e91ffb27d2db3a547f417

  • SHA512

    3b24b4b8661932f1ff7e4ae58cdcb9effdf97295cf44731b34e1d226cc84c8de17c8e3f66ef557ce276a5913daed869184cefe717f409409c43f72d53422baac

  • SSDEEP

    6144:8KK8/M66PKjtrSYiLeBmoak9u/SnrUEEYiLTcdeyBJdw2OD1MktP3XUxPQimxfDd:1jM66PK8UApYzdZJm2/g9fDFi/R

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    happy-hack.ucoz.ru
  • Port:
    21
  • Username:
    0happy-hack
  • Password:
    dnkdnk

Targets

    • Target

      2f276d9ed50155f679afd4833c52dbe0N.exe

    • Size

      543KB

    • MD5

      2f276d9ed50155f679afd4833c52dbe0

    • SHA1

      259d74b2438ef9d8e0184884d53738bce4946f33

    • SHA256

      34798691da76d861471d70aa256c1d4718fa6f83996e91ffb27d2db3a547f417

    • SHA512

      3b24b4b8661932f1ff7e4ae58cdcb9effdf97295cf44731b34e1d226cc84c8de17c8e3f66ef557ce276a5913daed869184cefe717f409409c43f72d53422baac

    • SSDEEP

      6144:8KK8/M66PKjtrSYiLeBmoak9u/SnrUEEYiLTcdeyBJdw2OD1MktP3XUxPQimxfDd:1jM66PK8UApYzdZJm2/g9fDFi/R

    Score
    10/10
    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks