Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    29e3ae47c7df4b865065a3fde56483fd.exe

  • Size

    4.7MB

  • Sample

    240129-fe4mksbgfm

  • MD5

    29e3ae47c7df4b865065a3fde56483fd

  • SHA1

    61fefecb5575cde7bbcffad97671f19aa53479e4

  • SHA256

    f4953dd47a1a35b12a94ce5c4fc5af2da86882070366a1684b8896a16bf636ec

  • SHA512

    c2fb61e9d866c2c0114066b30a923949323b8824106aab2f1c0d5ab9e33b7afd2f40bf28288f26daaaf690ef2c547a0b4d1827d7b081173b9e08c5f76a235afe

  • SSDEEP

    98304:Z3lXv+AIYyh+rUJ6K4RXf4M73r/BfohM+DmeDMpgTV:b+44+rUJ6K4RgqoXjYpg

Malware Config

Targets

    • Target

      29e3ae47c7df4b865065a3fde56483fd.exe

    • Size

      4.7MB

    • MD5

      29e3ae47c7df4b865065a3fde56483fd

    • SHA1

      61fefecb5575cde7bbcffad97671f19aa53479e4

    • SHA256

      f4953dd47a1a35b12a94ce5c4fc5af2da86882070366a1684b8896a16bf636ec

    • SHA512

      c2fb61e9d866c2c0114066b30a923949323b8824106aab2f1c0d5ab9e33b7afd2f40bf28288f26daaaf690ef2c547a0b4d1827d7b081173b9e08c5f76a235afe

    • SSDEEP

      98304:Z3lXv+AIYyh+rUJ6K4RXf4M73r/BfohM+DmeDMpgTV:b+44+rUJ6K4RgqoXjYpg

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks