General

  • Target

    e1f715c37d2d5fed0be21cdf07acce133eba0897f7d2370de8784bbdb7779596

  • Size

    11KB

  • Sample

    230822-rbpj2acf37

  • MD5

    fcc4c4e38bc1368acaa5926bc976436f

  • SHA1

    1392d6785477bc81aadb6a3920bbbb9f0e5aeb6a

  • SHA256

    e1f715c37d2d5fed0be21cdf07acce133eba0897f7d2370de8784bbdb7779596

  • SHA512

    d8d153ac6265abcb7793ed1f247e28c9933a74af9e1c90b71316a8aefbd364bb17374fbf1e2acd430dadd29f978c904d204596f1c5944fed5b3fa69f9e8c845c

  • SSDEEP

    192:2mJbN+4Je67uhKS2ao9LRsJ6RR5mAVohSGAnYnkyUxaVXFaL1wcWk5:zJdeGP9L6J6RR5mxhmnYnnUxaVXALJ5

Malware Config

Extracted

Family

cobaltstrike

C2

http://116.211.148.181:800/Tbo8

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALCJS)

Targets

    • Target

      e1f715c37d2d5fed0be21cdf07acce133eba0897f7d2370de8784bbdb7779596

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
