General

  • Target

    7e33a3b6de352650c44163c2ff989cad764017c508e13b240f783c08c736f2c5

  • Size

    3.5MB

  • Sample

    240905-2mh7hashkh

  • MD5

    c883436a51137626711481fed4be79c8

  • SHA1

    57c7e6907219e8aae747f64343066963b57508b0

  • SHA256

    7e33a3b6de352650c44163c2ff989cad764017c508e13b240f783c08c736f2c5

  • SHA512

    8b6c00183876d0bd712e616fcb6db3f7d5ffae4eeeb25fbf6c0a17b725b44f82cf7e2e810404560ab2373cbaf053d7baa89aa999e6c0c59161cf1bf9ab1098b9

  • SSDEEP

    49152:Cq83Vz78OluGWBbuAC/diGe0rwNBspK/DQpBjMVJZEY3aXUzjXv8lszLTx660Uax:n8txwBbd8dixqwDspccpp5Uzj/8ls1KX

Targets

    • Target

      7e33a3b6de352650c44163c2ff989cad764017c508e13b240f783c08c736f2c5

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
