General

  • Target

    e3f05e5e4a6919772ce09a6c0ea6239c12a52224005faa00cd08de72f5d0cc3bN

  • Size

    64KB

  • Sample

    240929-l9whcazbrk

  • MD5

    48fb0dc2ac5b25a90d62a20483363f00

  • SHA1

    32453f8ddd3b5f1642100d5a5d4e82f6253231ad

  • SHA256

    e3f05e5e4a6919772ce09a6c0ea6239c12a52224005faa00cd08de72f5d0cc3b

  • SHA512

    275bd6e431b1fc78a17575e1e0edc5766314ff0bff0ddb10d4ce7dd72ba43cbb001029228b5e3585e716904c55933439c4e3224b8ba94beef4d36c0fa94a68c9

  • SSDEEP

    1536:gQTIubHy5wQkJAejpzkGdxDLw3qMnd1YzHgLj:R4wPZpzNdxDL25Ey

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      e3f05e5e4a6919772ce09a6c0ea6239c12a52224005faa00cd08de72f5d0cc3bN

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
