General

  • Target

    96a14b9d739b4fd978c3149b5fe2a77143a66c0a0028870c72681848d8c34651

  • Size

    307KB

  • Sample

    221201-zmc95sad52

  • MD5

    4c460eee73242287483d95dba11b9aea

  • SHA1

    8c92413171df477459d80021bb06d3c716d53bb9

  • SHA256

    96a14b9d739b4fd978c3149b5fe2a77143a66c0a0028870c72681848d8c34651

  • SHA512

    adacdf17ffaeda0ef4fbfa941dae44cd45f251e9897e8b9e9e5fa39d8451792f9c9edfabaf9432cba343266a8775c088b3c7de9d063a40130c7275c0e1d19c7a

  • SSDEEP

    6144:mTfz/T72Y0SCzinYKTY1SQshfRPVQe1MZkIYSccr7wbstOYPECYeixlYGicA:mTrb7SStYsY1UMqMZJYSN7wbstOY8fvi

Targets

    • Target

      96a14b9d739b4fd978c3149b5fe2a77143a66c0a0028870c72681848d8c34651

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
