General

  • Target

    22681cb9ebd4067b16e84c6403fd1341f380a9beb8c97aa950ea9f098500e5b0

  • Size

    83KB

  • Sample

    250120-1htxrs1jes

  • MD5

    b1fe2e12e641e07bdf83cf4e6a54bd06

  • SHA1

    60469df7194a9328e49b9dc5efb88ec8c4d5c239

  • SHA256

    22681cb9ebd4067b16e84c6403fd1341f380a9beb8c97aa950ea9f098500e5b0

  • SHA512

    044fc15ab36b5e43d772fb81cbada2da4cd8ab676c52f9119ce6503c2317271d8ade015b8009553d1c3943bf6d406aac17802dbcbb456274808cecf3899fc0dd

  • SSDEEP

    1536:Ky+WqQuctgd/mM4Im4QWcpYT180/oiu+7FwjgrBqpbCV2Fj6J+VMVxANinOXClh:z+X8YHvmPWcfYoiu+7yscl7g0NuOCv

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    192.168.10.176:8888

Targets

    • Target

      22681cb9ebd4067b16e84c6403fd1341f380a9beb8c97aa950ea9f098500e5b0

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Executes dropped EXE

    • Loads dropped DLL
