Resubmissions
18/10/2022, 18:09  221018-wrfz2sghbn  8
17/10/2022, 19:36  221017-ybehdsdafk  8
14/10/2022, 20:42  221014-zhfvgaedb6  8
14/10/2022, 20:26  221014-y729bsech2  8
Analysis
max time kernel: 510s
max time network: 440s
platform: windows10-1703_x64
resource: win10-20220812-en
resource tags: arch:x64, arch:x86, image:win10-20220812-en, locale:en-us, os:windows10-1703-x64, system
submitted: 17/10/2022, 19:36
Static task: static1
Behavioral task: behavioral1
Sample: JsSample.js
Resource: win10-20220812-en
2 signatures
600 seconds
General
Target: JsSample.js
Size: 67KB
MD5: c98cc414b7864a85adbc80ba22fb4a6e
SHA1: 5bd51af7cb17ace046cd550ebab510edeec1c7e6
SHA256: 22abdd10ff3c59e964da9dad771af09be87ac85719b0702ff63ddd5f2fbc3b94
SHA512: 0924c3751c1955423b41ed8c5ce5d149dc247d2ed03860e39d5ca10c6ca1319cba93ddafb83a5b1b2fc0cf8d51cecea4c886317b31e6277dec86bf7fac3e00e8
SSDEEP: 1536:n4YlV2fwId2Nte9W2ZtrUNvTJnCv13TuAP1J9EnAwaUX:mfwId2eW2ZCdNCX8aUX
Score: 8/10
Malware Config
Signatures
Blocklisted process makes network request 3 IoCs
flow  pid   Process
7     2760  wscript.exe
9     2760  wscript.exe
11    2760  wscript.exe
Script User-Agent 3 IoCs
Uses user-agent string associated with script host/environment.
description             flow  ioc
HTTP User-Agent header  11    Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header  7     Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header  9     Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)