General
Target: 2f276d9ed50155f679afd4833c52dbe0N.exe
Size: 543KB
Sample: 240822-s64swaveqe
MD5: 2f276d9ed50155f679afd4833c52dbe0
SHA1: 259d74b2438ef9d8e0184884d53738bce4946f33
SHA256: 34798691da76d861471d70aa256c1d4718fa6f83996e91ffb27d2db3a547f417
SHA512: 3b24b4b8661932f1ff7e4ae58cdcb9effdf97295cf44731b34e1d226cc84c8de17c8e3f66ef557ce276a5913daed869184cefe717f409409c43f72d53422baac
SSDEEP: 6144:8KK8/M66PKjtrSYiLeBmoak9u/SnrUEEYiLTcdeyBJdw2OD1MktP3XUxPQimxfDd:1jM66PK8UApYzdZJm2/g9fDFi/R
Static task: static1
Behavioral task: behavioral1
Sample: 2f276d9ed50155f679afd4833c52dbe0N.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2f276d9ed50155f679afd4833c52dbe0N.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
Protocol: ftp
Host: happy-hack.ucoz.ru
Port: 21
Username: 0happy-hack
Password: dnkdnk
Targets
Target: 2f276d9ed50155f679afd4833c52dbe0N.exe
Score: 10/10
- Adds Run key to start application
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.