Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
2s -
max time network
35s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
06/05/2023, 23:59 UTC
General
-
Target
20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe
-
Size
5.0MB
-
MD5
c21d96eb8a9e9ecad75a400108c697cc
-
SHA1
5072be679c8d9865fcb965a25d10988493cc2e33
-
SHA256
56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232
-
SHA512
c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07
-
SSDEEP
49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA
Malware Config
Signatures
-
Matiex
Matiex is a keylogger and infostealer first seen in July 2020.
-
Matiex Main payload 1 IoCs
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
-
Snake Keylogger payload 1 IoCs
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe"C:\Users\Admin\AppData\Local\Temp\20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.0MB