General

  • Target

    3d3afe056c2b3c186fc772f07d189d7ac4a5f4fc3932de3e72828b106e243b8f

  • Size

    5.5MB

  • Sample

    240525-hgahmahf5v

  • MD5

    6bf46537d2ae41697abbb1c15e8999fd

  • SHA1

    395a4bad25653271319fd31df706dc43d5310e6d

  • SHA256

    3d3afe056c2b3c186fc772f07d189d7ac4a5f4fc3932de3e72828b106e243b8f

  • SHA512

    80f91cfdab0b6297cc7f9d60338d425cf41edb381ff9816769c11c04b16ee2718f4cd76e53b950482b89ed9eb217e52461e5fe8ddd281c3f1aa0ea3884e49026

  • SSDEEP

    98304:mY9IiV5930k/zsAvg4odLC7HhzvVCIg5uOE5xbatLpYcB9uPTiK:x9Ii10k/zsOMFC7BzxquOE5qLpYw9uPj

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
