General

  • Target

    eee46402524c8dbd931bddb821397a185c59f58c784c1aaaac54800b34a80e50

  • Size

    4.4MB

  • Sample

    240810-1t4w4sthkc

  • MD5

    4496e25f3a901c91b874c5a7ef38fa4c

  • SHA1

    cd063de83ae85b354e30b413dbd047ad9eeea168

  • SHA256

    eee46402524c8dbd931bddb821397a185c59f58c784c1aaaac54800b34a80e50

  • SHA512

    a7ce54bcbf060029273dbd08c34b509fc4b5b4c403acc62121a6e2ac3383ddcac60b3a1a79dbee1803603a68952064795d3493947eab7b4908f417f11e14ce3b

  • SSDEEP

    98304:NW3bTee0iF6T7FQxj+dgjjTgoBuzLyHTMntHFjFHDHMBjZdJ:GbT8i6FQxjoOjUmuzQT4l92jZD

Targets

    • Target

      eee46402524c8dbd931bddb821397a185c59f58c784c1aaaac54800b34a80e50

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

Tasks