General

  • Target

    4f93c1a75610c100c28b6fce293d060fa72cd240f76981ed54cab97e7d2c1ade.exe

  • Size

    6.6MB

  • Sample

    240602-bjzrzadf3z

  • MD5

    5c55c1f09f2a059c4becf458ec9e89da

  • SHA1

    b95b2a349d01f06772b4c1b0956103cfa0d4427d

  • SHA256

    4f93c1a75610c100c28b6fce293d060fa72cd240f76981ed54cab97e7d2c1ade

  • SHA512

    28d76f9392bf4bc67d887a5a44fba5f28852559a9705af86cb58387c71b189f0154bb91588feb699d3d92f6b97d8b3ae16d4b6f49a5ae75f707a24197a573b75

  • SSDEEP

    196608:hEHTDk7lvk1pPlyfMbb9p+HOQDB4NHuK9mZKITph:AA7ls1pUfMX94uQDuNHuKaH9h

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Detects executables packed with VMProtect.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
