General
Target: 629a7daf82513bcf794aa8aca517bd3e1c6c3023212aebb09b565ea5e634016c
Size: 4.8MB
Sample: 240531-sjkrgscg69
MD5: 1e44c054f8c676e87c20cc2e60aa4d43
SHA1: 712043656c1410aff0ceaa41dacf832fa7efd94e
SHA256: 629a7daf82513bcf794aa8aca517bd3e1c6c3023212aebb09b565ea5e634016c
SHA512: 768b5ed11447ab1d98af7858cdca515e51f204f5258271cc8fbf8ef1116c8c1b43f89d80cc1893d25078a4485f9dc59599e2c596d2d6277f2f74796b29b09ea8
SSDEEP: 98304:mne2eIdS4KWwHF6gyhMrZV7yjduvPI4zyWxfGIwtyGUWO:Ke2eoKncf6rj7Ad0CWRnwQAO
Static task: static1
Behavioral task: behavioral1
Sample: 629a7daf82513bcf794aa8aca517bd3e1c6c3023212aebb09b565ea5e634016c.exe
Resource: win10v2004-20240508-en
Behavioral task: behavioral2
Sample: 629a7daf82513bcf794aa8aca517bd3e1c6c3023212aebb09b565ea5e634016c.exe
Resource: win11-20240508-en
Malware Config
Extracted
socks5systemz
bvuebwm.com
ejagbua.ua
Targets
Target
629a7daf82513bcf794aa8aca517bd3e1c6c3023212aebb09b565ea5e634016c
Score: 10/10
- Detect Socks5Systemz Payload
- Socks5systemz family
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.