Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

Sprawls.cmd

windows7-x64

1

Sprawls.cmd

windows10-2004-x64

8

Unpreposse...re.wsf

windows7-x64

8

Unpreposse...re.wsf

windows10-2004-x64

8

Unpreposse...ty.jpg

windows7-x64

3

Unpreposse...ty.jpg

windows10-2004-x64

3

semihonorS...ng.cmd

windows7-x64

1

semihonorS...ng.cmd

windows10-2004-x64

8

semihonorS...th.jpg

windows7-x64

3

semihonorS...th.jpg

windows10-2004-x64

3

semihonorS...ck.jpg

windows7-x64

3

semihonorS...ck.jpg

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ellenyard.iso

  • Size

    3.8MB

  • Sample

    221222-tqq3hseg45

  • MD5

    a5072bc33f76c2da0e7cbb775bab63ba

  • SHA1

    7ad1760e150370f17b5419e8dc9a172540359fee

  • SHA256

    f28f389ac0824bee4f8747c853e85a78c3c8ee5f07098d49a6528ab40005abe1

  • SHA512

    c082c49ba7c29194c9dd0490f52213efc935e5e97509b6aeec35a2e3147231ec6517eefa29adf0207359d74f0f059786309371202364dc67ae0c120fd90015b9

  • SSDEEP

    49152:ffFm4xXXqV/LURRrxxF1MptNHWUDRm+wl40tGKpXN707cQ3c+kL0x:+

Score
8/10

Malware Config

Targets

    • Target

      Sprawls.cmd

    • Size

      398B

    • MD5

      8be9afced6299bfb683145290a892c66

    • SHA1

      8683bf70cb829b5a427c78987d3babbf28832564

    • SHA256

      6023190da512fe24e7ea54a7503665e7dc6d0b138f3457e0d52a32de8f8655e4

    • SHA512

      3c1c96e0db23d095dd2ae406cc98755fecfe478e2964fe128a0399b355bf561086d63ba4530142b57579dacf322e7f98aae8044a82d7c90286b8d9ba90841404

    Score
    8/10

    • Executes dropped EXE

    behavioral1behavioral2

    • Target

      UnprepossessedRockeries/Outscout/OvervehemenceSeparatrices/CoffeaReaspire.wsf

    • Size

      26KB

    • MD5

      1284537ec66f1bab477c9056a93246a5

    • SHA1

      f2063fcc7dafa9792ed89a896b456360cd7d2f86

    • SHA256

      7d1ddf96998fcdbed9df8de4e9c3241bfecdfa60f32d3f85513d9ead0a360d69

    • SHA512

      c3d27ea9d52ff540359ada8621a7adb3d14fb780defce7f754b8ffacb768525fa3e10354582e8bfcb4c0016eeb9c753408bcc747738d3eb741e6996f3549b25c

    • SSDEEP

      384:jH7uE5WXlZVpBWHeCpCmLd3+vGiXsTR3Pb+CX826Pwc+dYVhor7vm:jKjlc8vGiYf826Pwc+d8W7vm

    Score
    8/10

    • Blocklisted process makes network request

    behavioral3behavioral4

    • Target

      UnprepossessedRockeries/Outscout/OvervehemenceSeparatrices/DisexcommunicateZonality.jpeg

    • Size

      37KB

    • MD5

      40e83345c55aa99db65557c16e6af956

    • SHA1

      ff16d3cde3716cfe4584fbd403a5cc998dcb6b2a

    • SHA256

      749ccd1bf2235dd37e04ff68256ea7695d0e9bd3a1bcf32ed78c9b41e0639d4c

    • SHA512

      c278e081fe0226e80270540b6050119baea350c9240741e4f125e58479280167216af9ad3db05501d1581de36eded1038133ee27c5703de86ffcebfd82e0fff6

    • SSDEEP

      768:qT/bSCZvcoDPmuJdM+CZw4ImZn/Jsgd2plLR2psynYZzfxOa1H1schv:qL+ChxD5g+CZw/mFJFdTsynulsUv

    Score
    3/10
    behavioral5behavioral6

    • Target

      semihonorSpeculated/CommercerMisbestowing.cmd

    • Size

      389B

    • MD5

      06e4d5e35a83ff4bdaf77d1c9f5edee5

    • SHA1

      2d0e88c63d2845d0e742712f93b12fd77243aea9

    • SHA256

      ccc2cf6bb99190a931cc1d9481a996ae153d41c3375547e2c97adcad3fd98194

    • SHA512

      76cefe433d8d258072660ba874cb4fce3ae3e04e27ccde9888ae2f75f356394af01bd4269abd48dbfdaa9125bc80c2a96b08c431b6fcd12da2992539dd34b8fb

    Score
    8/10

    • Executes dropped EXE

    behavioral7behavioral8

    • Target

      semihonorSpeculated/Pharmacosiderite/Discamp/Sawsmith.jpeg

    • Size

      36KB

    • MD5

      a7ec37a016d42355ae70009bbccb6883

    • SHA1

      ab60088f7cc96c56fc52597db4565087bb9002a5

    • SHA256

      50234d68cf2ddcecfb28250cff1ac9e66737c1419ef8beb4aeabf57c13c8d0cd

    • SHA512

      8896c347634a45f540e2a02d6b581ba2bc979a3ee998b0af2d298867b80d24164cad245c645fe4305cd01d3c0355c8a9205722aa529a90634edfc3cede5e2465

    • SSDEEP

      768:hBzj5WGhCql3vzUcWonZmXB4MvvRQyNc/LaE2TqGYV6TUz:hFj5dFNLyNcm7bTu

    Score
    3/10
    behavioral10behavioral9

    • Target

      semihonorSpeculated/manypliesGreenback.jpeg

    • Size

      7KB

    • MD5

      6d3085925e4248f0e5206faefce94c51

    • SHA1

      76c1f2d0c86155b9003a21fd4ad096fb5497515c

    • SHA256

      986da7424801ae4284d39853dd285d4336e1a8044f5b3e1a49d69fda33742e95

    • SHA512

      86829a4b88f4520ab4ad3bf28c229072ccdffa0a1f7f0edc6b51eb7e2855afba62c16213d82e588e954bf42407d5914622829c2e8280df27ebe964757ee03087

    • SSDEEP

      192:LMssmkogTVc81LRfdXKkJkrbZjm2AFcBVRid:Issmk5b1FdrOKsI

    Score
    3/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v6

Tasks