Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
19/12/2024, 08:59
General
-
Target
1d4f27ea1bdf9ab533fbe450297d218246109d657cb5a3a5f62ae65ce6413b29.exe
-
Size
72KB
-
MD5
0249cce8c47ef7fc7955f6d457354417
-
SHA1
fc9c9ca587a8bf9c061b81d72d5454ee5d3a03ec
-
SHA256
1d4f27ea1bdf9ab533fbe450297d218246109d657cb5a3a5f62ae65ce6413b29
-
SHA512
4bc32bec26cbd56ab0d08371d3f84fd34edca478954ae703fc642d51c72dd77bf7ac7ca352f95d8febb9f39b2ec58c2e53e1b8b577ac18bfc390111178b604e0
-
SSDEEP
1536:Iyg63UO8YEe6av68p3kPeywfsVXnMb+KR0Nc8QsJq3F:RgWUO8YEe6avHmBwfsxne0Nc8QsCF
Malware Config
Extracted
metasploit
windows/reverse_tcp
10.10.100.148:8888
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\1d4f27ea1bdf9ab533fbe450297d218246109d657cb5a3a5f62ae65ce6413b29.exe"C:\Users\Admin\AppData\Local\Temp\1d4f27ea1bdf9ab533fbe450297d218246109d657cb5a3a5f62ae65ce6413b29.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB