General

  • Target

    28b0b02e6a51afb04bfeddbf646867bd574b41168f484c295f92cfed5a87cc0f

  • Size

    43KB

  • Sample

    240818-1ef7hayelk

  • MD5

    fcdcbd12cb5197651c6d550f86135ed6

  • SHA1

    394d55172330863d05d5a2f31ae0d9d6b433f76c

  • SHA256

    28b0b02e6a51afb04bfeddbf646867bd574b41168f484c295f92cfed5a87cc0f

  • SHA512

    d858122c8eaf49d0627c397aa33e442bc0d290b6e7dd4fac23dd54ebf23ffe39c1250dce3cb953f02f67ef1b48e705bffcf69651647dbb44925544fda323875e

  • SSDEEP

    768:tVxw+tECIUAR+pQaSgwUvut4aiTWVckrrZBpQGA/:XxrtEt+pQaPiiTIFrLG

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.4.17:443/YhFU

Targets

    • Target

      28b0b02e6a51afb04bfeddbf646867bd574b41168f484c295f92cfed5a87cc0f

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
