Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e
-
Size
115KB
-
Sample
221010-3aqw9adfd4
-
MD5
535373661a6c5ac8b76c0bb8ba6f8547
-
SHA1
bf6bfb2bec3087992ce39a03e82bb5e2f3d1275b
-
SHA256
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e
-
SHA512
a3eca1b13711ab0de7f22ab0d933811dfd0f9f4f8947fa992c26ef74153e74a871192adfcc1d6692bf30e6685b9189990232a10daa5bfbc4a7ca59a69f7f7b6b
-
SSDEEP
3072:yf8wNOO5/bHoUYmxF44UkbZEvoA7HjeG6PDkX:yn5dn4rkWgCHje97
Static task
static1
Behavioral task
behavioral1
Sample
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e
-
Size
115KB
-
MD5
535373661a6c5ac8b76c0bb8ba6f8547
-
SHA1
bf6bfb2bec3087992ce39a03e82bb5e2f3d1275b
-
SHA256
2a798ce30425b601aadbe3f720b9e33707b7daa135bf23041e3deddcd3f6177e
-
SHA512
a3eca1b13711ab0de7f22ab0d933811dfd0f9f4f8947fa992c26ef74153e74a871192adfcc1d6692bf30e6685b9189990232a10daa5bfbc4a7ca59a69f7f7b6b
-
SSDEEP
3072:yf8wNOO5/bHoUYmxF44UkbZEvoA7HjeG6PDkX:yn5dn4rkWgCHje97
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies firewall policy service
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-