Analysis
max time kernel: 118s
max time network: 122s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
submitted: 24/08/2023, 03:22
Behavioral task: behavioral1
Sample: 337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe
Resource: win10v2004-20230703-en
General
Target: 337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe
Size: 68KB
MD5: b174d60c1dd7af07bdebeb7b49a0b02e
SHA1: 78a5b281841f9556f8945ce0ebb92a5062e4a88c
SHA256: 337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c
SHA512: 20e97b4cdfa135d3f7aaf3850f99ad4dcb749e20ab23c2cf175b8c16c5591140000d8aa5937996f47f4288c71f556136b0995ad9cce50bd514869a09837ae9e0
SSDEEP: 768:ApVgsUQhyqz60zOL2H8PBe6wcFA+9oma:ApV1UQtzRzO2H8PBbFema
Malware Config
Extracted
cobaltstrike
http://192.168.7.130:6777/SiTM
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; yie9)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.