General

  • Target

    1cb39489286f6086c1e4cf78f34c9b271abceb495dad8a227d41e65284d7fa8b

  • Size

    6.5MB

  • Sample

    240601-v9x6lsaa2t

  • MD5

    174b7e036d94d650f4c96cb6fae1a10b

  • SHA1

    e741d242c0063d690ed3eae79ed6beb32ecac713

  • SHA256

    1cb39489286f6086c1e4cf78f34c9b271abceb495dad8a227d41e65284d7fa8b

  • SHA512

    ce38f03de85b25f75f899a188a8b684722f50b4462ee2c2b52d670509f7208bdc111e5d69f7c7031f2d54e3765b795acf9fdb25b0d11576dfbab98ef69b6ee54

  • SSDEEP

    196608:4zTKRvLt7teb0QM6Ic68B6YMOeWXmPk0R7cAEw:46Jt7tgzMqHBXM/MmP5Ynw

Targets

    • Target

      1cb39489286f6086c1e4cf78f34c9b271abceb495dad8a227d41e65284d7fa8b

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
