General

  • Target

    cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe

  • Size

    5.7MB

  • Sample

    240726-gpzl2szfrq

  • MD5

    a3c08ba1a63a6789186de34cd55ec710

  • SHA1

    a5abffea8b4fa8a7fdd45cf405a1dce25b5bda98

  • SHA256

    cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd

  • SHA512

    e8b3d3daea255a731bd0dc9c447542a0a5cecddcf1bb02fdfdd7eb30afcbd9a75e01e9889bfd8b95a165ff6ed0a2b2dc2dbf5a5866085d92e0877e5e4a5e8f85

  • SSDEEP

    98304:CXbBg9hU36OshoKyDvuIYc5AhVYEc4kZvRLoI0EJfNAIjvJJT1aOcKoS:CrBQ6qOshoKMuIkhVfstRL5Die1Zc

Malware Config

Extracted

  • Family

    metasploit

  • Version

    metasploit_stager

  • C2

    101.33.35.171:8080

Targets

    • Target

      cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
