General

  • Target

    aa.exe

  • Size

    19KB

  • Sample

    240906-a6hljaxaqn

  • MD5

    95e7c07f6c76a4bd65f911c2532077a0

  • SHA1

    b8d315964cbd4211938c4474fd1bf53588408af2

  • SHA256

    be539a6aacf06ef38497d3adc4837c74b6dd28a2a57c4e98e29f2d89fd9b8921

  • SHA512

    ae4963c10dc70b4a80288b9100c07d23e3d6231e60f30483aa5279ab2d9c49b7f35e02604a1d76e04ea07b1afa1111db34e721bae4cd107c6d5e374bcc6c21db

  • SSDEEP

    192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2W8iXsGWF8qa1Dojjgi:iqaCF31cix+Dc4zjh8i83FF46gi

Malware Config

Extracted

Family

cobaltstrike

C2

http://130.61.59.1:80/9fjT

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)

Targets

    • Target

      aa.exe

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • Drops file in System32 directory
