General
Target: cisco2.ps1
Size: 2.2MB
Sample: 230302-w3wvmseb85
MD5: 7708f4d0a27fcb9a315e0e2b9fa24248
SHA1: 498ac3d0ddf4b19f6f7d3dacf03c4e2fbf8f993b
SHA256: 0afe02415b9523c9f840be11d9561d1c07b41ac1f7b803b7112608ae8db29950
SHA512: af6b285e63c9c3db98d35492ff03ec08196c859f508834fc39d6b76283447f493bc721dfa15a2ad777c6e8547ade639f9379ac1cefa54e226096fb0aa4956f54
SSDEEP: 24576:rsxT2KAWU1N5BWAdTfrOqluXAxXgo0TEYKoDcF/mUCXy0wxG/uD3:whAlf5BHF/gfha/FFT
Static task: static1
Behavioral task: behavioral1
Sample: cisco2.ps1
Resource: win7-20230220-en
Malware Config
Extracted
bumblebee
cisc117
Targets
-
-
Target
cisco2.ps1
-
Blocklisted process makes network request
-
Suspicious use of NtCreateThreadExHideFromDebugger
-