General

  • Target

    1df2404b219f379389a6297cfb1d53fa

  • Size

    149KB

  • Sample

    231225-pjq2qacdf7

  • MD5

    1df2404b219f379389a6297cfb1d53fa

  • SHA1

    d7847a487795efd429428012a935c447e75b4040

  • SHA256

    30cb4b61563bd49db7d74d18c532ed48409cebf9d8c827b24363537c14cdd124

  • SHA512

    3bb8f84885777f04a1081614f0f9dfced8b97389406b908abf581b062b588872ab012fdddbb7d41e2ce690f91ee3f6d713f4047af56f35d3d7584f4619cd6dfd

  • SSDEEP

    3072:eliUPXC8k1nJrX+fNTBf7iAT2Rc2Y7zBTLwYQbOSD12VgF:ezBkLL2NTBTiYCc2YfBISSD12V

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_winhttp

C2

https://103.129.196.29:23351/uhxeugBw/4pV-7FpcH2Huc-9yjo632Q2HkuwXDsb3zHxqqkPeP003czr_e

Targets

    • Target

      1df2404b219f379389a6297cfb1d53fa

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
