Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

6a1db5af50...17.msi

windows7-x64

6

6a1db5af50...17.msi

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    19020925368.zip

  • Size

    50KB

  • Sample

    240916-2rpvvatfpc

  • MD5

    935d6e157b48fac99824a93dec884be2

  • SHA1

    75ea5d0b066f8eda43a55c78efa2637c337a9c0d

  • SHA256

    465103f49f17100d1858ab0c63f2d32d5050b30504cd41a930d4b80caf0e6d08

  • SHA512

    9fb629a42c8917434401ea5d5be7229bf7042ae410b66d06c466d5aef840c7fa943e7f7d4acab8eba072ceca8b69258eaaed800ddfaab429b408b7655667e0fd

  • SSDEEP

    768:eTOeHhfaSTjeA5rKFndG6l7atHQ2w5VTbq7Cq+yMVPQNKyK3v2BdIktRH:evhiS+A5G+6Uw2K1qmRnaKyK3vidI2H

Score
10/10
metasploitbackdoordiscoverypersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

5.180.45.105:9999

Targets

    • Target

      6a1db5af5083758b437f10a1a27f0d4f313b1ef78bfa5491d3d58dbe742a7f17

    • Size

      156KB

    • MD5

      b61ce074ac64253b6f3718b15d634d27

    • SHA1

      439dce9b8c45c4f91ff375ec0c478c3e747b55ca

    • SHA256

      6a1db5af5083758b437f10a1a27f0d4f313b1ef78bfa5491d3d58dbe742a7f17

    • SHA512

      071e068a98208e540201bc9ff65357ba80bac82283edc179126944ebc15cd91c0628bfdd38761968c5693a9e93c53c431ba7c992adf83bdb70911a384cfe516c

    • SSDEEP

      1536:Ek7KKWI59KMnbYYWgdrWw/WNSQm7+8lEgWnwQ5kEMb+KR0Nc8QsJq3UDj0D:v7KKWIO/8oiWNS3+80nwbEe0Nc8QsC

    Score
    10/10
    discoverypersistenceprivilege_escalationmetasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks