General

  • Target

    2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e

  • Size

    115KB

  • Sample

    221010-3aqw9adfd4

  • MD5

    535373661a6c5ac8b76c0bb8ba6f8547

  • SHA1

    bf6bfb2bec3087992ce39a03e82bb5e2f3d1275b

  • SHA256

    2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e

  • SHA512

    a3eca1b13711ab0de7f22ab0d933811dfd0f9f4f8947fa992c26ef74153e74a871192adfcc1d6692bf30e6685b9189990232a10daa5bfbc4a7ca59a69f7f7b6b

  • SSDEEP

    3072:yf8wNOO5/bHoUYmxF44UkbZEvoA7HjeG6PDkX:yn5dn4rkWgCHje97

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

    • Target

      2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Modifies firewall policy service

    • Windows security bypass

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Windows security modification

    • Drops file in System32 directory
