Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    282a263a77037f37ffc2e971012d639da55982b834a5f67eef5dcf43ef39cce1

  • Size

    208KB

  • Sample

    240926-scl1zawenb

  • MD5

    447d100af275c8f36c6b39c510dea850

  • SHA1

    f6edcfedc779ff51376ebb20ab78cf8614bb888d

  • SHA256

    282a263a77037f37ffc2e971012d639da55982b834a5f67eef5dcf43ef39cce1

  • SHA512

    3b2d4f81d6cc17ebc52c2554f5a74e44b94e58ee06e767b18ebbbc1bba87b837f8bba039ae77e818f96180c65582d4778dac8aee49d44cd14c104213f36ab766

  • SSDEEP

    6144:BL69aBPFtG7Of8KPtzeH5tvr1AMc7kAt/:BW8NtaOfVP9gjr1zc7kM

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.204.147:4444

Targets

    • Target

      backdoor-1.exe

    • Size

      72KB

    • MD5

      fb823271953b6ccd19647a62a23ce442

    • SHA1

      3a4626e20aadd3428849225adc5ed751838164c3

    • SHA256

      c4f54fba7932f5d576c5d4e7b46cee47f16d5848378a461e49803fbde45c0f0c

    • SHA512

      3423a44bd4760f2a5c2c791ae6bef763dbdc408f569fb365f6f1d39fafea23296399c8cbf3b474f0da40413d0a0af469d1f6ce79befb7edb450c1d4b5d982019

    • SSDEEP

      1536:Il5Vu9aauaqnFc/MXq8Mb+KR0Nc8QsJq39:a5XauaqnFc/Mpe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Target

      backdoor-2.exe

    • Size

      178KB

    • MD5

      bf462b624cb0c75f30117a5fbf997186

    • SHA1

      55cb2ba0d034ff5d06e890a0e4ea6763324693b4

    • SHA256

      d8807d78b8ae0f7c1783db057cb63a60f6ea36fab7a90e7617d2083349f9bc81

    • SHA512

      a6a7d010b24ba6200dd87fec834b5eea4c7dd0a5d28239fb0670c427ec397470f1d3550f30268fea9c5f03d872bba0070d992a86a333441c40e779cf59619556

    • SSDEEP

      3072:lzqTC/VXu6wRe0Nc8QsCQG+NilMZXgHjf4+dSSD+qtlWbovFqwaawqSWS1RjbgO4:xqGdXu6wQ0Nc8QsxGNMZwDQoSbqOGFZ2

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Target

      backdoor-3.exe

    • Size

      179KB

    • MD5

      d97d05d0ed1f6200fc372ff23e44c5e3

    • SHA1

      7fd5eae75c5c94ec13dadae6a9e446ebd5c9bda7

    • SHA256

      ba8e7a54edffc7f490873a0b02e622dae01212c0d3b066f36b427d0a5dfb8023

    • SHA512

      7e2b21de057ec4800a4209ae0526a92ecb0d1ce2ef2dc2cc64b9a74cb13899f3e122c276aba1e0142bd580679d62ea87025eb652e958bc37ef26b4fb0c4901f4

    • SSDEEP

      3072:xzqTC/VXu6wXe0Nc8QsC8WsPY6JtujJeY0gmtpq0A0zr05uPT91D561h/AIMT2/O:VqGdXu6wO0Nc8QsPPvjz5prAQ8uPToO4

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks