General

  • Target

    4a89a8a16e7096c088e391e172ad1ac4fbe4a45a81103b67431f39abcd6da9f2

  • Size

    4.0MB

  • Sample

    240727-1skrva1ajj

  • MD5

    81707fcfdb64a656c89fd031967cff4c

  • SHA1

    64f9caa0ef50532aa469d64f0c156e5219b14a27

  • SHA256

    4a89a8a16e7096c088e391e172ad1ac4fbe4a45a81103b67431f39abcd6da9f2

  • SHA512

    bd9040c53a6555b0a605dd625b767773dd098a2fb5bb0b9514e52657624b27998f4334d5cb16640657c9f524dd12a09367a439b0cb832ebe5c4b82c868fafaa3

  • SSDEEP

    98304:NkWnR8/Dl1Pwmel2OlvLuKvm/DNrOcmmMLCH5FVsk2Z9yW4fl9DdI:ILnPwm4FlT5oDNCcmzLCpn2ZGfXS

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
