General

  • Target

    Bank_Credit_authorization_letter_pdf.js

  • Size

    237KB

  • Sample

    230531-s73bfagc7s

  • MD5

    244939587914af01d24ef6a3e14581af

  • SHA1

    45ec0fb28d93363e9e17818bc7cfaafdc3c680b1

  • SHA256

    b9ecbdc46ba03daf23a6b2c0a32b6c950bef2d1d4ab967dcf901d65a48e835fb

  • SHA512

    1bd8d0a00dc70936e2238115b41da10f791819e19c6582810132fa8cfca478264a867bdc1f65db278c75358aa7b21b304ac0b9f0aa7d72d0a09080008205ad4e

  • SSDEEP

    3072:MhYgNripx58ev3jK5Kk00LvVPdTg9r2e9XSg6ZSjglFfgKCuAQkvXI0:MEx5jv324tYvtdTUNsxZ9lFoKCuAlXl

Score
8/10

Targets

    • Target

      Bank_Credit_authorization_letter_pdf.js

    • Blocklisted process makes network request

    • Drops startup file

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
