General
-
Target
1a979116400550af0be6a9762c4bf5c0N.exe
-
Size
920KB
-
Sample
240813-r8971azdlh
-
MD5
1a979116400550af0be6a9762c4bf5c0
-
SHA1
31cf6ef4c771a85ca51dca9df858dcecfaa146cd
-
SHA256
3f615faf3eef7546d3afc2baf8e7259042e7e7ede5c17a626b5f73ca3a9e8cd3
-
SHA512
4db5863a9acffce1ac51a892103448628533a2677864f3ba687b6851014e341ab6fa413cafbddae498371f560ed2b7917cf1fa60259da3a3a8b1eec049264b7c
-
SSDEEP
12288:BBTxaYAzxCbcwYe66E8UO4BF4fe4vi73Tcal1F4GTpzY7xBo0MTis/L:7FAzxecw9NLULo2aowax4Gq7xG5T1
Static task
static1
Behavioral task
behavioral1
Sample
1a979116400550af0be6a9762c4bf5c0N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
1a979116400550af0be6a9762c4bf5c0N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
cobaltstrike
0
-
watermark
0
Extracted
cobaltstrike
574247
http://192.168.199.134:8011/IE9CompatViewList.xml
-
access_type
512
-
host
192.168.199.134,/IE9CompatViewList.xml
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
60000
-
port_number
8011
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYculBeZmrbMS1tUHgTa52vQn/jGzbJuxK3983bRJiS0d0xvEEpjfJ2NEtptZBL9yhhf8IIwbMBDqJj4fuVvUsHrQ26Zkxv0KrEuuIo60BUZ43Fcvi1VF555t4NL1wMOMPoz9NcxpSJ1Z+Am4vlaGTSg/Fxx6/0/Mh+UQMcZYvOwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)
-
watermark
574247
Targets
-
-
Target
1a979116400550af0be6a9762c4bf5c0N.exe
-
Size
920KB
-
MD5
1a979116400550af0be6a9762c4bf5c0
-
SHA1
31cf6ef4c771a85ca51dca9df858dcecfaa146cd
-
SHA256
3f615faf3eef7546d3afc2baf8e7259042e7e7ede5c17a626b5f73ca3a9e8cd3
-
SHA512
4db5863a9acffce1ac51a892103448628533a2677864f3ba687b6851014e341ab6fa413cafbddae498371f560ed2b7917cf1fa60259da3a3a8b1eec049264b7c
-
SSDEEP
12288:BBTxaYAzxCbcwYe66E8UO4BF4fe4vi73Tcal1F4GTpzY7xBo0MTis/L:7FAzxecw9NLULo2aowax4Gq7xG5T1
Score 10/10 -