General

  • Target

    5b441509a2d319ed45c2c603f344b1e5f5def1c9d797eae039eece52c3839962.zip

  • Size

    108KB

  • Sample

    240814-v8xtfsvcqa

  • MD5

    48ed43d1aaeab0e54004d5c3c08af51e

  • SHA1

    9b7eb172e39cceb9c94ba61e3bf717102e169f30

  • SHA256

    b1d70b7a3269106fac78148e006b2640bf72bec059207bbaaa2357a58711e2fc

  • SHA512

    e54314f09eb1b8667b898b48b44d792b98d7b6c91d0449b1aacdafb9ab03418bd447286c8004553f47e5ba0b489cbb92758c2dd0f437cf120d1baa77a329b7ee

  • SSDEEP

    3072:aVB1hwDxcfIag6o5OCU4gMUD27yBo2oVWcLsloUNVoqBraR:aVB1CVcftvzCU4Z8xd81J

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

  • beacon_type

    512

  • http_header1

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • pipe_name

    \\.\pipe\msagent_3143

  • polling_time

    10000

  • port_number

    4444

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAJgrD58wcHhpNqxew7EHFE8jXWLVYrbkaEf2SVwAWAUG44Rbt1akIIWO6lfkc+kTDoQ05Mq2YdJLEOJ+iNuJ0g0F8Cwavg2YtXmB0x0RG0Jr2mghLdRzoq0QXuqTyHT5y6gKguMEdTDgMzqfhLKmv1nfNcMN2vwbZj5E/H0C+EwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • watermark

    0

Targets

    • Target

      5b441509a2d319ed45c2c603f344b1e5f5def1c9d797eae039eece52c3839962

    • Size

      200KB

    • MD5

      8116fcc12342ce499a06eb085f103976

    • SHA1

      b0adf7f01a98884952559131faf24b273895887e

    • SHA256

      5b441509a2d319ed45c2c603f344b1e5f5def1c9d797eae039eece52c3839962

    • SHA512

      713ca5c947e35ede1eeea5a014a10c4f1ed59333211f911b9d8788fd1b2f414124d8d6acde21d533df54ebbf8ea1d240f9acd300ac9e4f9b10f6df849934f922

    • SSDEEP

      3072:h0QQVOcISjb+5kKTa0sEuZ7c8JbhjVQmjEUhS50:SP+SjTQa0s2AjVrjJ

    • Score

      3/10
