General
Target: run.vbs
Size: 269B
Sample: 231106-hlqemsbb75
MD5: 3dba029327dfd9f7166738e4d851cb8a
SHA1: 14c8f1078e934ae31a41eac643e9a1cca2ecf0c6
SHA256: 666131bf5ae20a64b55a835006afae921f20fc23923aeaf0d918ebb4718f8e4e
SHA512: 39585229250c8d48093fa78f5779d785efbaf41ac5829070f9316f2b95368b940f25d04f0c2a2aa4dac36c71172a9f426ed9dea01a8c7d7bbd01a7b16b943787
Static task: static1
Behavioral task: behavioral1
Sample: run.vbs
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: run.vbs
Resource: win10v2004-20231023-en
Malware Config
Extracted: http://138.68.134.18/main.ps1
Targets
Target: run.vbs
Size: 269B
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.