Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4fa524896f7acb979cb8900b03479272.exe

  • Size

    5.0MB

  • Sample

    240613-wlvw1s1fpn

  • MD5

    4fa524896f7acb979cb8900b03479272

  • SHA1

    d051e47915937d64fb6fcd4a3640c345ad892a18

  • SHA256

    7f2e61445c1de7e7f873e136d65e79c54aef5c91fc9239286d198162779312d0

  • SHA512

    8ff818f1a2a3f149bc93d1ba6998a32e3985f1c0bc5ef9f60b2b19ee346982c85ec895db0e9195dd00635d5ce61d9de33e6b896d4ca7e0eab02be6e23b39743d

  • SSDEEP

    98304:m+29v/40m11zG86IPCx1aB1XGLIxbPvEeQ2bwRwgJbwqaHoyMf3j3RDRe:bSv/4l1pz6laBYIJnPsag+qaHoFRD0

Malware Config

Extracted

Family

socks5systemz

C2

bdllgev.com

http://bdllgev.com/search/?q=67e28dd86f5ff42d4509ac187c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4de8889b5e4fa9281ae978f771ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a6f8dff10c7eb97

boltsoe.com

http://boltsoe.com/search/?q=67e28dd83a5da32a155afd1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff712c0ee929e3a

Targets

    • Target

      4fa524896f7acb979cb8900b03479272.exe

    • Size

      5.0MB

    • MD5

      4fa524896f7acb979cb8900b03479272

    • SHA1

      d051e47915937d64fb6fcd4a3640c345ad892a18

    • SHA256

      7f2e61445c1de7e7f873e136d65e79c54aef5c91fc9239286d198162779312d0

    • SHA512

      8ff818f1a2a3f149bc93d1ba6998a32e3985f1c0bc5ef9f60b2b19ee346982c85ec895db0e9195dd00635d5ce61d9de33e6b896d4ca7e0eab02be6e23b39743d

    • SSDEEP

      98304:m+29v/40m11zG86IPCx1aB1XGLIxbPvEeQ2bwRwgJbwqaHoyMf3j3RDRe:bSv/4l1pz6laBYIJnPsag+qaHoFRD0

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.