General
Target
1f55469c3f411e773cfc817ada68421343bd21bdb9ba9b99904ba759e3bd7232
Size
2.7MB
Sample
240916-x9fyfawdkl
MD5
cb774bd4732de28267dacc87b5539a4f
SHA1
9ca2a8cee0b3e63a382a3086246213ade2b8a1b4
SHA256
1f55469c3f411e773cfc817ada68421343bd21bdb9ba9b99904ba759e3bd7232
SHA512
a2b0820fbf244d565a1b5c1307845769650867f0630060d6c084c2ad9279ec1b4ab54d29b7f7c551c7a1b365cda94c7ece24db98b1d770223cc5137ea55d9990
SSDEEP
49152:1ZB1G8YSDQZfyI6jfYdZFSzqDm5qDYho6QADT5zFl5uy55Sl/HgIc9Cg03TGjytg:P3GTZfe+bSaCqkR5uy7qHgh1eTGgHA
Static task
static1
Behavioral task
behavioral1
Sample
1f55469c3f411e773cfc817ada68421343bd21bdb9ba9b99904ba759e3bd7232.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1f55469c3f411e773cfc817ada68421343bd21bdb9ba9b99904ba759e3bd7232.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
metasploit_stager
192.168.106.131:1111
Targets
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL