General

  • Target

    1b9b5877d6530881a909e0f85dd96bd604c169aebd69857971cb04d277814ea2

  • Size

    5.0MB

  • Sample

    240711-2fpqpszbjd

  • MD5

    ea344d7db6cdeb89587f63ce34c634da

  • SHA1

    84e0acfd0a6ccf5fa0ff5eef892afd016f20cf20

  • SHA256

    1b9b5877d6530881a909e0f85dd96bd604c169aebd69857971cb04d277814ea2

  • SHA512

    114b821aa33e50d9d460bb80ef11b268e75e6ad8b985efe44e3f6886e6433e6bc5177f92920cfb76799c03b69e24f41ed9b0a0f11282d3407a96e262faf8746e

  • SSDEEP

    98304:CPU0pdNun3hTIExcmUFzUU1g600oF0lA6RZoovdS5TtP73JWIvMQxeR:2Nu3uljz31hI0lAQZPs73JWfQw

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
