General

  • Target

    cb4e8358a58de5cd176e3c4bbe264043.bin

  • Size

    3.6MB

  • Sample

    240825-b75m5atbpn

  • MD5

    eb5c15f683b35b5f68ead66fd5500629

  • SHA1

    6fd5b69e8a23e38082ea96e7f56af8d44d185b08

  • SHA256

    1cbd1937d992b6a8e75cff9cef397e74fa7b57d49da3a70db45b04557260f742

  • SHA512

    2f1758f125cec335cea1cc82a9a8cf2487bc72f447b7472f50055979666cd9f3d5603a9369e6c0ef6b8e462a3a7d52a47b693662b0863e0cf4de257c85422290

  • SSDEEP

    98304:1mqs/n0trXcH1ZbHXTk+HodjTwwRMt45R:jGn6G13Tk+Ho18wQ2

Malware Config

Targets

    • Target

      b1d16d8e6907f15b583f6aebe3ea9986dda807275ebbd239a5fdf9fbdaa88b71.exe

    • Size

      3.7MB

    • MD5

      cb4e8358a58de5cd176e3c4bbe264043

    • SHA1

      cf4b296b1abb3e938fa29a983ad4b7577de20f2b

    • SHA256

      b1d16d8e6907f15b583f6aebe3ea9986dda807275ebbd239a5fdf9fbdaa88b71

    • SHA512

      f89b9568404978c2a6bb6ce298ad43244870efa6d9ec64c9a46d80578faa1fd7f572d9d12b353c846202b62663e881f7b2096c4df18b52447a53bebc4e3896a8

    • SSDEEP

      98304:g/VHo5FtMIF6lxYGduFlu3mSX/9ZfVJXtH5:RrdF6lxngq3jlZfXtH5

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks