Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    cef8b12b6541259d5fc2001e648b8fe33d58a001745a2bbe4cc9068bb961de2e

  • Size

    6.7MB

  • Sample

    240724-en3wzazhjb

  • MD5

    39c9e80e32b15c9010648e422e412ea1

  • SHA1

    7053c8f8e505cbb18b4fa4cbc2e732b4f01f5362

  • SHA256

    cef8b12b6541259d5fc2001e648b8fe33d58a001745a2bbe4cc9068bb961de2e

  • SHA512

    430fb5def8e95c34f5b2a01ced0d07f9d10c3709795158e670a19b48e18701f8d9a5e5ea5a75d07661670f0ea7ec0ec5401fc0d502c005c5e1f2121b7e200499

  • SSDEEP

    98304:yieZa9eR1unPOAySJBA6UoVcV3O/LBNO10XGFudYb5xAuNTkQa0/d5N20TfMnkj:34uPGAZL2pOTBNqQGNBNXaC5cMfwq

Malware Config

Targets

    • Target

      cef8b12b6541259d5fc2001e648b8fe33d58a001745a2bbe4cc9068bb961de2e

    • Size

      6.7MB

    • MD5

      39c9e80e32b15c9010648e422e412ea1

    • SHA1

      7053c8f8e505cbb18b4fa4cbc2e732b4f01f5362

    • SHA256

      cef8b12b6541259d5fc2001e648b8fe33d58a001745a2bbe4cc9068bb961de2e

    • SHA512

      430fb5def8e95c34f5b2a01ced0d07f9d10c3709795158e670a19b48e18701f8d9a5e5ea5a75d07661670f0ea7ec0ec5401fc0d502c005c5e1f2121b7e200499

    • SSDEEP

      98304:yieZa9eR1unPOAySJBA6UoVcV3O/LBNO10XGFudYb5xAuNTkQa0/d5N20TfMnkj:34uPGAZL2pOTBNqQGNBNXaC5cMfwq

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks