
General

  • Target

    ca4bc3f5bca3badc7dd8914091cfc54912bdbe48c978fa3d981e5b0b51e6b186.exe

  • Size

    34KB

  • MD5

    758207dc7de0122f89aae318131a422d

  • SHA1

    b1500da4b8494f1b50784594545ec0295bb30e95

  • SHA256

    ca4bc3f5bca3badc7dd8914091cfc54912bdbe48c978fa3d981e5b0b51e6b186

  • SHA512

    8aa436ceb624231688870ec06accbbe411d49d8b8d22770ad571fbffbdc1884e1c6e1358fea0944eb861bb5eabb8db339a5bdaa7f11ddcea4f5a866cc478b31e

  • SSDEEP

    768:B1YZHVdLyeivbORWHNS5wMA1WIEk+lYyZsj/YDcHt2:s5LszObU/E9lYVYDb

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://ck94345.tmweb.ru/nilly/nicholas/gate.php

Attributes
  • payload_url

    http://ck94345.tmweb.ru/nilly/nicholas.exe

Signatures

  • Pony family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • ca4bc3f5bca3badc7dd8914091cfc54912bdbe48c978fa3d981e5b0b51e6b186.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

