Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

tKw0c9h7.posh.ps1

windows7-x64

10

tKw0c9h7.posh.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tKw0c9h7.posh.ps1

  • Size

    3KB

  • Sample

    231117-l5mpmshg4t

  • MD5

    1586aeaa9eda2d45832b513f1402166c

  • SHA1

    0d8fcd64d35d1b0809ca9da268c5bb7170d1e341

  • SHA256

    85cb3767b22a0fe7280519d30663972557ccd681738baa855f70daf767dc6d42

  • SHA512

    ce79ac619b9a0ff9a55a1ad23ef8a4d637a0a2bd70dd1cb083f48454c19bb3b74e2cad3714a2acca4ff11f51fc1908639e3753de89238f59c33f816815a0dcec

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

18.177.76.42:18064

Targets

    • Target

      tKw0c9h7.posh.ps1

    • Size

      3KB

    • MD5

      1586aeaa9eda2d45832b513f1402166c

    • SHA1

      0d8fcd64d35d1b0809ca9da268c5bb7170d1e341

    • SHA256

      85cb3767b22a0fe7280519d30663972557ccd681738baa855f70daf767dc6d42

    • SHA512

      ce79ac619b9a0ff9a55a1ad23ef8a4d637a0a2bd70dd1cb083f48454c19bb3b74e2cad3714a2acca4ff11f51fc1908639e3753de89238f59c33f816815a0dcec

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks