General

  • Target

    d93edcb4cb1503b1886957e50c53582d3d7105974a7b737cd3f166443d8107a8

  • Size

    4.9MB

  • Sample

    240706-txw74svcrk

  • MD5

    3826c8fb8a2b5c55df63303f0210fc52

  • SHA1

    fca401b5524c4b7ce101095ef400c17b3770a867

  • SHA256

    d93edcb4cb1503b1886957e50c53582d3d7105974a7b737cd3f166443d8107a8

  • SHA512

    cc06112d56572c4b0385614fbd2ff9da7edc8e80687b0b243cef6371d40677ee722e80ad3ac6c74fbb7d4fb3bf2f6e88126b532537dcce396735bbe794c7eaf1

  • SSDEEP

    98304:CF82m6s6p6JrEebEW3YjUm7YnBjyZ8wljrx4uZvylIy1XgNOUXQx0:52mf6p6hw0COBjyZbjH6IyxIOIQW

Targets

    • Target

      d93edcb4cb1503b1886957e50c53582d3d7105974a7b737cd3f166443d8107a8

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
