General

  • Target

    NEAS.tKw0c9h7.posh.ps1

  • Size

    3KB

  • Sample

    231117-t9kd3scc61

  • MD5

    1586aeaa9eda2d45832b513f1402166c

  • SHA1

    0d8fcd64d35d1b0809ca9da268c5bb7170d1e341

  • SHA256

    85cb3767b22a0fe7280519d30663972557ccd681738baa855f70daf767dc6d42

  • SHA512

    ce79ac619b9a0ff9a55a1ad23ef8a4d637a0a2bd70dd1cb083f48454c19bb3b74e2cad3714a2acca4ff11f51fc1908639e3753de89238f59c33f816815a0dcec

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

18.177.76.42:18064

Targets

    • Target

      NEAS.tKw0c9h7.posh.ps1

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Blocklisted process makes network request
