General

  • Target

    e9230a510605da7de0b985507c3bc096d605b136ce2cc3d453b3c43b64b12f8c

  • Size

    45KB

  • Sample

    221205-w81qsahe2x

  • MD5

    c4580e02273f478c145a970755b1f7ea

  • SHA1

    22239390d608e4bffb75aff91b0635d5663d043d

  • SHA256

    e9230a510605da7de0b985507c3bc096d605b136ce2cc3d453b3c43b64b12f8c

  • SHA512

    857ea0665c028d179c639a5d2f6f2e4d9c86ba7ed6475ddb4927055173039d7d6634a1551769a96e229cb567503c772d3eaa11e5dab8bd4a9b022785bb4ecb16

  • SSDEEP

    768:Aw5AROhbicRCh06JLAyb8LjxqL2P9ltyXweTCACUNBMoGfXcwghgLoq9S5wT+8le:ZxRicp6xAybaD1lK5CACUHMoGfMXkosq

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Adds Run key to start application
