Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

29e3ae47c7...fd.exe

windows7-x64

10

29e3ae47c7...fd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29e3ae47c7df4b865065a3fde56483fd.exe

  • Size

    4.7MB

  • Sample

    240129-fe4mksbgfm

  • MD5

    29e3ae47c7df4b865065a3fde56483fd

  • SHA1

    61fefecb5575cde7bbcffad97671f19aa53479e4

  • SHA256

    f4953dd47a1a35b12a94ce5c4fc5af2da86882070366a1684b8896a16bf636ec

  • SHA512

    c2fb61e9d866c2c0114066b30a923949323b8824106aab2f1c0d5ab9e33b7afd2f40bf28288f26daaaf690ef2c547a0b4d1827d7b081173b9e08c5f76a235afe

  • SSDEEP

    98304:Z3lXv+AIYyh+rUJ6K4RXf4M73r/BfohM+DmeDMpgTV:b+44+rUJ6K4RgqoXjYpg

Score
10/10
socks5systemzbotnetdiscovery

Malware Config

Targets

    • Target

      29e3ae47c7df4b865065a3fde56483fd.exe

    • Size

      4.7MB

    • MD5

      29e3ae47c7df4b865065a3fde56483fd

    • SHA1

      61fefecb5575cde7bbcffad97671f19aa53479e4

    • SHA256

      f4953dd47a1a35b12a94ce5c4fc5af2da86882070366a1684b8896a16bf636ec

    • SHA512

      c2fb61e9d866c2c0114066b30a923949323b8824106aab2f1c0d5ab9e33b7afd2f40bf28288f26daaaf690ef2c547a0b4d1827d7b081173b9e08c5f76a235afe

    • SSDEEP

      98304:Z3lXv+AIYyh+rUJ6K4RXf4M73r/BfohM+DmeDMpgTV:b+44+rUJ6K4RgqoXjYpg

    Score
    10/10
    socks5systemzbotnetdiscovery

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

      botnetsocks5systemz

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks