General

  • Target

    830b07c65965309d93c2275e670e790c4f11e4ac29c2e60f4f9c94ffb2213ac1

  • Size

    4.9MB

  • Sample

    240707-zmvt7azgnc

  • MD5

    0535ff5693c005e3477f56e2e40af06a

  • SHA1

    8d8c7a5de465b4fa7bc0f585f03dfb2f1a2c1e92

  • SHA256

    830b07c65965309d93c2275e670e790c4f11e4ac29c2e60f4f9c94ffb2213ac1

  • SHA512

    778e401a4499d0a2852bc20b039ae3295ddfece3d49bea452489c495fbf38b877a0d95137aa60a982b76248f1d6927d23d96117854c901bc4e053d6b22185deb

  • SSDEEP

    98304:CbEGKiABmNB3qozE5XBpKl8WRWaDHmO8eNBVvDCOMF2d1qM0jRzOqb/uoRFQxP:48Pmj3qozoRpKl8sWaDGOrZ+OiRjRzDy

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
