Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
30/05/2024, 09:38 UTC
General
-
Target
eede83eabcd38f037173a003a2db422ca9570fb4d757949a67c6cb42423867d8.exe
-
Size
227KB
-
MD5
9746cc10db59b869cbed259f26cd4e66
-
SHA1
824f4701d4e663d5a7b7ef454d5f259dcf9f6133
-
SHA256
eede83eabcd38f037173a003a2db422ca9570fb4d757949a67c6cb42423867d8
-
SHA512
18b7aa68bfb6dfb1bc15423c6139e83019107473f58f6910c6e45062afe8a043ed7276ea803e26a00dd07bb42c612648f31d13180ef5122b1f3d07411e153aa2
-
SSDEEP
3072:AmImhddwADOg6ZtlCmrRdb/qm20o3T4ZUCoCJlevzBaoY46OYRJq2luL1h:sYd9DoZtlCmrRdb/RX8fCJpohOg1
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://123.207.51.53:62221/CSzM
Attributes
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUSMSNIP)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\eede83eabcd38f037173a003a2db422ca9570fb4d757949a67c6cb42423867d8.exe"C:\Users\Admin\AppData\Local\Temp\eede83eabcd38f037173a003a2db422ca9570fb4d757949a67c6cb42423867d8.exe"1⤵
Network
- No results found
-
123.207.51.53:62221 -
123.207.51.53:62221
-
123.207.51.53:62221
-
123.207.51.53:62221
-
123.207.51.53:62221
-
123.207.51.53:62221
-
123.207.51.53:62221
-
123.207.51.53:62221
No results found
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
1024KB