General

  • Target

    adbb06d92f036c14b90e4cbc210ffdc6b129cd4c8c7e4e9db6f67e78b56af4cd

  • Size

    43KB

  • Sample

    240818-1qr35szcjl

  • MD5

    3ca7dae77e2f265d6adfc0918bb2fb1e

  • SHA1

    6d0ee171920d95ba0d15b476f1bbef2204918b98

  • SHA256

    adbb06d92f036c14b90e4cbc210ffdc6b129cd4c8c7e4e9db6f67e78b56af4cd

  • SHA512

    d35246b0051ee24c65719c65518f02f3d45806732f135f6dcb19c66fae58349b3f0a07b14d0735eb751af09162000e7b7ca9922b975a71c8f4cbc1072f3cc136

  • SSDEEP

    384:W8iS8px8SMDHv516+pQap8LtdIymPZ9JPTOl0kyzQ/vx3VFDWDtN0j0j2/ot:23yPO+pQaSL3bYZ9JHWplFEc/

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/download_exec

  • C2

    http://192.168.4.17:443/yIc7

Targets

    • Target

      adbb06d92f036c14b90e4cbc210ffdc6b129cd4c8c7e4e9db6f67e78b56af4cd

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
