General

  • Target

    3150a979e720ba9a168ac4d2f2981af1d94cc2a92f128b00b03e82e0646ae32b

  • Size

    5.2MB

  • Sample

    240716-la7fkayalh

  • MD5

    9ed525fc8e2e9aa3afff6aea16ea27f5

  • SHA1

    77701603367ae89c98111a5bc50c4d223bf77335

  • SHA256

    3150a979e720ba9a168ac4d2f2981af1d94cc2a92f128b00b03e82e0646ae32b

  • SHA512

    3515a42ffcf1a444153f90f9a9f13ea4d1cd615b56666acaf3ff5f30f13f28928a0e52ebdfa1eea198bd837d14e809d2c2451df842e6eb2980fc549a84d60b1b

  • SSDEEP

    98304:CDLpgIJdS0+LbAgpmhkx5oPBOmyysWKMBXyyTpZiLgo6QxQQ:sLbJ0lbAgpmekPIZy7KMpyKiLgBQr

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
