Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

64672e4402...7b.exe

windows7-x64

10

64672e4402...7b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29faf60a5e4334150dcf1188f2cc5d02.bin

  • Size

    6KB

  • Sample

    240114-bmdc5sacg7

  • MD5

    4d277d65f4890911820cc6d55a2c7a25

  • SHA1

    e0902a89de61b2c68ed3af0b57bb34696ad846f3

  • SHA256

    aff3c23e2028f00bdc8aab5fda25b08a56a81dd6caa51c33e4128afd4ffd65c8

  • SHA512

    9310d5cc702b78228f6437047321a2e042cf099f39967b6df007e8e08e9c5774e050b68d7fe8299ae3c6ce6008d290749bb32a3f6c812adaf55ade7e3d66bcf3

  • SSDEEP

    192:ngfHnBbk8za+TqfinWE8xJTkLah86+BOokUo3zyT:ngfHS8eWX8TkNBO6/

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://54.186.231.5:8000/iRm4

Attributes
  • headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Targets

    • Target

      64672e440233c0624ba97623be556888f354c3672b6623302be7f2f0e49a8d7b.exe

    • Size

      14KB

    • MD5

      29faf60a5e4334150dcf1188f2cc5d02

    • SHA1

      38e5b26f846f08c0861086eaddef993b6328a53d

    • SHA256

      64672e440233c0624ba97623be556888f354c3672b6623302be7f2f0e49a8d7b

    • SHA512

      abe497cb66e8ced67e8af731335fcd298ca2c4a662f7d24ab5b409fd9b51b8b048195e08cb345f2f68e7b58ce259bde2a6dcf931ba34e830b32a4c12efbc4631

    • SSDEEP

      192:D3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOQ3shejDMN1:KMCfrfQ6tBSIWceUN1

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks