Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

PO-OPH21.vbs

windows7-x64

10

PO-OPH21.vbs

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO-OPH21.vbs

  • Size

    202KB

  • Sample

    220913-g27hesafck

  • MD5

    12d751d2c8e6e0a30b3ebb10b29a1f72

  • SHA1

    91572ef1af495aa0c41d09c320e2a2b4929102c9

  • SHA256

    33f7ae1870495bc4414814108e9bb6231a59f2be36ccd00aff85bb263edbd4d0

  • SHA512

    65326610242865445ebcdf0f48ee53c420db3daafd41e8a13c3ff9b558ee82754b07b064dfbf9056271bea0f7be56b0053022642ef9c09f72dd59c343b103421

  • SSDEEP

    3072:ZanFDTCfk1/9G3hJaCmxirqtDC8JTTVx/1kSaiQkXjLawoxTnLC5bELBS6:8os1/ihHmIi51kSa3kTLawoxKKll

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      PO-OPH21.vbs

    • Size

      202KB

    • MD5

      12d751d2c8e6e0a30b3ebb10b29a1f72

    • SHA1

      91572ef1af495aa0c41d09c320e2a2b4929102c9

    • SHA256

      33f7ae1870495bc4414814108e9bb6231a59f2be36ccd00aff85bb263edbd4d0

    • SHA512

      65326610242865445ebcdf0f48ee53c420db3daafd41e8a13c3ff9b558ee82754b07b064dfbf9056271bea0f7be56b0053022642ef9c09f72dd59c343b103421

    • SSDEEP

      3072:ZanFDTCfk1/9G3hJaCmxirqtDC8JTTVx/1kSaiQkXjLawoxTnLC5bELBS6:8os1/ihHmIi51kSa3kTLawoxKKll

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks