General

  • Target: 10703448577.zip
  • Size: 1KB
  • Sample: 230609-yxbnmaeb2y
  • MD5: de3cae7da3744db264c717ed129bc442
  • SHA1: f40873ba215dcc851cd53ed47d3256aae4432d8b
  • SHA256: 306cb62b0268431adac7935bda483e8065d4c1da3b7eb6bb8c57ba659c766249
  • SHA512: 2e5110c9fe3c43cae7c54b778832fc840b6648acd8cb7b87bf729a96c5a36d0741c4ba7c3dae5f39323634c1000059695472e1227a4a64eee1ce46571fa466f8

Score
10/10

Malware Config

Extracted

  • Language: ps1
  • Deobfuscated
  • URLs (ps1.dropper): https://drive.google.com/uc?export=download&id=1HFUT-JDcGJccWNG8J9DQsDnw_Zc2QYn0

Extracted

  • Language: ps1
  • Deobfuscated
  • URLs (ps1.dropper): https://drive.google.com/uc?export=download&id=1ogbCiwBaVXPjDHhV0GcZx3l_HoU1dbid

Targets

    • Target: 8aab7266ea91f873551d892fd1681f4a800d3d7cc6e46201fbbe4fbbd98ed414
    • Size: 3KB
    • MD5: 1b5b81995133090e5a31ca3bee36794e
    • SHA1: f9247cad841aa5fa4de76ef4e7e457ae13c4f61e
    • SHA256: 8aab7266ea91f873551d892fd1681f4a800d3d7cc6e46201fbbe4fbbd98ed414
    • SHA512: 5607b4c8512a1d7bfe26d7af7280caa1a5b9ce8eb27cc89e214eabab832278ed65c643f1b87d4738564ba6e0f4760cafa26b9466f5d2916a94a1ef877947a639

    Score: 10/10

    Signatures
    • UAC bypass
    • Blocklisted process makes network request
    • Drops file in Drivers directory
    • Executes dropped EXE
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks