Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20230831-en -
resource tags
-
submitted
09/10/2023, 05:29 UTC
General
-
Target
Cash_Transfer_REF#23284449-9374647.js
-
Size
7KB
-
MD5
4e0ea5c5808c3d0cf7006eb0ef347c4b
-
SHA1
80f8f2d5b7caf2f13b1edd764e56f46930754edc
-
SHA256
d0ec40d1ae32bddb9159e4daa86d2b15535fe6cd456f8251d78fe64667d8abb1
-
SHA512
40745410c37e8cf392c59ca9c8d04779c96624eefe7b8f90f3876f8c54c60518a622db9553b0420f77b34582a586ec68b664089f909e37043a11c0d9734a44d4
-
SSDEEP
48:iVnz7HAx3ZSGwW6PnWe28gR7osdSrwyNNgnw5:itfHAx3ZzwWKWTnR7o8SrwqNgnw5
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 4 IoCs
Processes
-
C:\Windows\system32\wscript.exewscript.exe C:\Users\Admin\AppData\Local\Temp\Cash_Transfer_REF#23284449-9374647.js1⤵
- Blocklisted process makes network request
Network
-
DNSgrapemundo.comRemote address:8.8.8.8:53Requestgrapemundo.comIN AResponsegrapemundo.comIN A103.50.163.157
-
103.50.163.157:443grapemundo.comtls -
103.50.163.157:443grapemundo.comtls
-
103.50.163.157:443grapemundo.comtls
-
103.50.163.157:443grapemundo.com
-
8.8.8.8:53grapemundo.comdns
DNS Request
grapemundo.com
DNS Response
103.50.163.157