Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9dfcb56eb13219120960edfcc7d5ed318e1ec450f1070e06235467e51f9aeaac

  • Size

    3.9MB

  • Sample

    240808-2mf25s1fnm

  • MD5

    b1c0ec170f6a1d7e41c422ce8c8f5e74

  • SHA1

    4bdd11428931f138154de3c49afc02eb75171ea5

  • SHA256

    9dfcb56eb13219120960edfcc7d5ed318e1ec450f1070e06235467e51f9aeaac

  • SHA512

    08aa39cc4e12f6e83bd0ac83f939514e3d50c7edca118dc3edef8ada4c4b16f2c2b46331a02d39bfe20934fc25498b1fe1e851b356247afbe21bfa2069ca3d18

  • SSDEEP

    98304:NZQFZAtgqI/kqGBnRAC6L4Px9AuvyGUe1FNA+und3:CAQkNRQL4J9AXjGFsn9

Malware Config

Targets

    • Target

      9dfcb56eb13219120960edfcc7d5ed318e1ec450f1070e06235467e51f9aeaac

    • Size

      3.9MB

    • MD5

      b1c0ec170f6a1d7e41c422ce8c8f5e74

    • SHA1

      4bdd11428931f138154de3c49afc02eb75171ea5

    • SHA256

      9dfcb56eb13219120960edfcc7d5ed318e1ec450f1070e06235467e51f9aeaac

    • SHA512

      08aa39cc4e12f6e83bd0ac83f939514e3d50c7edca118dc3edef8ada4c4b16f2c2b46331a02d39bfe20934fc25498b1fe1e851b356247afbe21bfa2069ca3d18

    • SSDEEP

      98304:NZQFZAtgqI/kqGBnRAC6L4Px9AuvyGUe1FNA+und3:CAQkNRQL4J9AXjGFsn9

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks