Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588
-
Size
1001KB
-
Sample
241218-j1px4a1jfv
-
MD5
bf2c7bb21e7aeab1b93d05f1bb26ffa8
-
SHA1
5e24a71302fd88320708439985b685fb0b9c9474
-
SHA256
910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588
-
SHA512
9bcb9a7d82e4c85facfb1992f07e1e2414c490dd354f67c98585a3eb23be0dcb478cc246f2b862f2abce7a735e0ea9e46ca338246d76bc9652bb91ddc7fa33e2
-
SSDEEP
24576:XWtrQSEshKO1axQ31DvJc9cQDmyEMMlYdHD/yQQQQQQQQQQ+QQQQQQQQQQQQQQl8:GZDhKO1ay3bcNnHMlY5yQQQQQQQQQQ+G
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
192.168.211.130:10067
Targets
-
-
Target
910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588
-
Size
1001KB
-
MD5
bf2c7bb21e7aeab1b93d05f1bb26ffa8
-
SHA1
5e24a71302fd88320708439985b685fb0b9c9474
-
SHA256
910671f5ccd09562e5cbbbd1f6124b1e3e8a95aa666e3dd1fcaa839240235588
-
SHA512
9bcb9a7d82e4c85facfb1992f07e1e2414c490dd354f67c98585a3eb23be0dcb478cc246f2b862f2abce7a735e0ea9e46ca338246d76bc9652bb91ddc7fa33e2
-
SSDEEP
24576:XWtrQSEshKO1axQ31DvJc9cQDmyEMMlYdHD/yQQQQQQQQQQ+QQQQQQQQQQQQQQl8:GZDhKO1ay3bcNnHMlY5yQQQQQQQQQQ+G
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-