General

  • Target

    nigazxbb.vbs

  • Size

    934KB

  • Sample

    230804-js4raabb9z

  • MD5

    133460a82fbeac6ae274c61d2e17260d

  • SHA1

    4159337e9feed1e353717507c97a23b3741823b3

  • SHA256

    e223e4e398bef57d183b5f34b68f895d2ecbdcdd99c762fe5b5351c37c17df0c

  • SHA512

    735a986616a29328eb2864b2cd8f97c480dbd77f36c534aac701111607cd3d700a174b969080ea2d5d300812818d21b4a41fb8b0b5b9c88f198ea4d7bc4869a5

  • SSDEEP

    3072:cVJtH/oyWLiFw/im3AB6xv8imSbYF0RNe4VTdRnTT8w4TW6ZqEiYzOpRbtMMv6qC:iHwyWLiFw/im3A+mSbYF1Zq6

Score
8/10

Targets

    • Target

      nigazxbb.vbs

    • Blocklisted process makes network request

    • Drops startup file

    • Suspicious use of SetThreadContext
