General

  • Target

    910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588

  • Size

    1001KB

  • Sample

    241218-j1px4a1jfv

  • MD5

    bf2c7bb21e7aeab1b93d05f1bb26ffa8

  • SHA1

    5e24a71302fd88320708439985b685fb0b9c9474

  • SHA256

    910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588

  • SHA512

    9bcb9a7d82e4c85facfb1992f07e1e2414c490dd354f67c98585a3eb23be0dcb478cc246f2b862f2abce7a735e0ea9e46ca338246d76bc9652bb91ddc7fa33e2

  • SSDEEP

    24576:XWtrQSEshKO1axQ31DvJc9cQDmyEMMlYdHD/yQQQQQQQQQQ+QQQQQQQQQQQQQQl8:GZDhKO1ay3bcNnHMlY5yQQQQQQQQQQ+G

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.211.130:10067

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
