General

  • Target

    0df55988c016ca5853fbfe50690be0d80e02ecaf3f19f78a616121c5885ad1ed

  • Size

    4.7MB

  • Sample

    240515-e88b7ahf84

  • MD5

    e5e23787ec50d71208a32b63304c3169

  • SHA1

    66a677dc220c924b3ee33fa72218b3490215328a

  • SHA256

    0df55988c016ca5853fbfe50690be0d80e02ecaf3f19f78a616121c5885ad1ed

  • SHA512

    66881400417e00d9ec38fb2b225deb3c5b6321b5f77b38cbf762c8f597f3988bf83e708f72f3394e34f0156e993b9308b13a2fd30eff63572f4b45f2555c81a5

  • SSDEEP

    98304:KYGmEtw0dnFNEzrT2HB/6ybaGbN1MheX1duVIsi8QtD9JNHvp:KY8W0dYHuBh2G51MidZ5JNHvp

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
