General

  • Target

    9cb95b31fa90da4b9ae112e48c5b5e86bbe719e61995715b5c502b94d8be562d

  • Size

    4.5MB

  • Sample

    240526-m7t26sgb2v

  • MD5

    07d1a87a4ffcf5d632190d8cdfedbc81

  • SHA1

    f9bb42f040d9262f6367307a759f3a4ea4e7382c

  • SHA256

    9cb95b31fa90da4b9ae112e48c5b5e86bbe719e61995715b5c502b94d8be562d

  • SHA512

    f4b7c18129402533376f7de905af069637aab919d521f28c8febe11dad215e47f2cbcb7fbe97c9af1af7fa647362589087dad2b4ecd084ac5a8cda7a86d8c7bf

  • SSDEEP

    98304:m5XeR8zd469Wa7fjYgTvLUL15Y+7zvDQkja8XRXzY7J:Eeu4Jarj255Y+7XQkvBXsF

Malware Config

Targets

    • Target

      9cb95b31fa90da4b9ae112e48c5b5e86bbe719e61995715b5c502b94d8be562d

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
