Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

17089a4d4a...b6.exe

windows7-x64

10

17089a4d4a...b6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17089a4d4ab27cc03a9f4b5d6cd73c3d9a1c0217813718e36b4b2a3bbaceeab6

  • Size

    19KB

  • Sample

    231225-qwfl7adbd2

  • MD5

    3a405be55e86ccd97d8d953c3fa3729a

  • SHA1

    1eb510d2847a3afce85afa4b034cff0460096a02

  • SHA256

    17089a4d4ab27cc03a9f4b5d6cd73c3d9a1c0217813718e36b4b2a3bbaceeab6

  • SHA512

    32b50e54ca2bc51aa043e3e9ceff69eefaae8c92c655986728a130aab1a882e35159aa56993397eb89431aad1d06685400a9d222eb0fa981f53c23bafda2f4ae

  • SSDEEP

    192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Fy/H1KWF8qa1Dojjgi:iqaCF31cix+Dc4zjf/NFF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.80.131:80/lhHA

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Targets

    • Target

      17089a4d4ab27cc03a9f4b5d6cd73c3d9a1c0217813718e36b4b2a3bbaceeab6

    • Size

      19KB

    • MD5

      3a405be55e86ccd97d8d953c3fa3729a

    • SHA1

      1eb510d2847a3afce85afa4b034cff0460096a02

    • SHA256

      17089a4d4ab27cc03a9f4b5d6cd73c3d9a1c0217813718e36b4b2a3bbaceeab6

    • SHA512

      32b50e54ca2bc51aa043e3e9ceff69eefaae8c92c655986728a130aab1a882e35159aa56993397eb89431aad1d06685400a9d222eb0fa981f53c23bafda2f4ae

    • SSDEEP

      192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Fy/H1KWF8qa1Dojjgi:iqaCF31cix+Dc4zjf/NFF46gi

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks