Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Funds_388416.wsf

windows10-1703-x64

8

Funds_388416.wsf

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    64382e2b77845.zip

  • Size

    36KB

  • Sample

    230418-v5f2jada57

  • MD5

    78ad90b07036a0d08aed81a0cb56182b

  • SHA1

    f08f5610ec6af1fcfc1c9046a3a955a7e96786a6

  • SHA256

    8a632947e30689f7f03d27a897c91165f60b462669d9c8995a6115d8da1911c7

  • SHA512

    6a9e68621b9ea38a9401f81711a57e4ce470e0e2064dc1fcec2f3eb5a8024ad5b2c71fe90a8d8b8d0d0d19a0086a4e77da49c63226a60d84cc026b3656c1533a

  • SSDEEP

    768:QCtBI9g4B97k3YWKzdFl8iAnOc60c1/CcX7UfHysev4wr2TLOn9zP9y/N4l7:rrY7eiAOcv8LXsevNr2TLuFP9y+l7

Score
8/10

Malware Config

Targets

    • Target

      Funds_388416.wsf

    • Size

      75KB

    • MD5

      2d13f7d27e387cd9443a957ddab5bec9

    • SHA1

      d100203ca5021e463a90208188d9aa2cc389b85f

    • SHA256

      6593b65557133c5fd101733e4f7ca27f265c2312f36a088d360def48cf6c1c35

    • SHA512

      cde5aab10ef6ccca77e9d7b8c89b08310044ac6bc291ff78095c7ba9610f28c677b1568327754c1fe2d583e8f981cd5f1f5ee9bea07fb4726dc8fb6f2d12c98a

    • SSDEEP

      1536:SMMmr6MGe+e+gSecKrrHF55wEd9t9Gy7VuYeKAO:SMf6MGeh7SMr1w8l7VuYeKAO

    Score
    8/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks