General

  • Target

    d3cd75e8fe17280f8813f00c2e18e4999787e2c6ccf43e20a450d018999e8f0b.exe

  • Size

    3.7MB

  • Sample

    250318-kpnrbsysfw

  • MD5

    ab7f39826e8fa9efd5e429bf45df882e

  • SHA1

    6df2fdf734a59b35326a2e882e1e8f25a4fd499b

  • SHA256

    d3cd75e8fe17280f8813f00c2e18e4999787e2c6ccf43e20a450d018999e8f0b

  • SHA512

    9280bf61d38808f322dd33e58c19b7a6d13d569d16e47289ad193a31f0609fbb1946acf6ad127502f938357af1e597c9c7b328531c2fa446466e15f2e373b6e2

  • SSDEEP

    49152:l8o8bZjyJVD0s9Mr3XIfRviWkgEOaxfCbCMcXGtSgvZPOQ5QR:l8o8VOUs9joRbMc2tSW6R

Malware Config

Extracted

  • Family

    meshagent

  • Version

    2

  • Botnet

    New Connections

  • C2

    http://manage.clientdesk.help:443/agent.ashx

Attributes
  • mesh_id

    0x0F91CC5981A9BC9502B9FA550F16A64F6C15510D08D851AB9EEB2F733095BC1B43BC9B4CFDF0DB7DAF321BCCADE081B1

  • server_id

    ABC4BD96D548708CD5C2CC82CC0015B75413E36B395BC41D9B732EBF80E01A5EBB1EC45D3834796F9B1B93CE12C5F8CB

  • wss

    wss://manage.clientdesk.help:443/agent.ashx

Targets

    • Target

      d3cd75e8fe17280f8813f00c2e18e4999787e2c6ccf43e20a450d018999e8f0b.exe

    Score
    3/10
