Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    qwEP718oyT2qxRdKZoUy.js

  • Size

    9.2MB

  • Sample

    220917-1eqqyaeccq

  • MD5

    63ad6f493f5c59783bc47316ef3b92af

  • SHA1

    c305e179439a10794fdf2f268fe1e3ab645d5983

  • SHA256

    67cbe3781f6f76624b4aa0190e5291be65126c254879bc301727d4407326a32a

  • SHA512

    bde7492e1a50f685158545557e978691055c83152fd6b72f32ac0bf393c727ceba24f6fe705fff632524ef9cd24a7e0f32e9f307387b43d214047b7e0a04f993

  • SSDEEP

    24576:/fG3epi7v1ed2ffe8vB3FG8S0Su9G3LK0UxRxJxzMvPOFzZHpARL37wtb9etQQOP:xfocZQ+ze+iq7lhrr4Rpf

Malware Config

Targets

    • Target

      qwEP718oyT2qxRdKZoUy.js

    • Size

      9.2MB

    • MD5

      63ad6f493f5c59783bc47316ef3b92af

    • SHA1

      c305e179439a10794fdf2f268fe1e3ab645d5983

    • SHA256

      67cbe3781f6f76624b4aa0190e5291be65126c254879bc301727d4407326a32a

    • SHA512

      bde7492e1a50f685158545557e978691055c83152fd6b72f32ac0bf393c727ceba24f6fe705fff632524ef9cd24a7e0f32e9f307387b43d214047b7e0a04f993

    • SSDEEP

      24576:/fG3epi7v1ed2ffe8vB3FG8S0Su9G3LK0UxRxJxzMvPOFzZHpARL37wtb9etQQOP:xfocZQ+ze+iq7lhrr4Rpf

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • Blocklisted process makes network request

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks