Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

downloaded-3.ps1

windows7-x64

8

downloaded-3.ps1

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    downloaded-3.ps1

  • Size

    122B

  • Sample

    231128-gqwa1sfg5s

  • MD5

    a5c4876dca1f1b6cbe1eb58eca3a533a

  • SHA1

    0abb374d4e3768b98570c7b2f6662d5b0146fe65

  • SHA256

    777873bec8c9e32fb03e54522f7d1e99edee887f0519952bdeccd6e14632d659

  • SHA512

    9bd7debc9c4ee4bb7741cc999d30117ed4b25d14e7775108a30d57cc152bcccc6dbd0da05599225d077ecf1ab94dbf665e27492856a13e6db221f0279af85fc0

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://ftroftrodro.top:80/debug/xqli_P8=

Targets

    • Target

      downloaded-3.ps1

    • Size

      122B

    • MD5

      a5c4876dca1f1b6cbe1eb58eca3a533a

    • SHA1

      0abb374d4e3768b98570c7b2f6662d5b0146fe65

    • SHA256

      777873bec8c9e32fb03e54522f7d1e99edee887f0519952bdeccd6e14632d659

    • SHA512

      9bd7debc9c4ee4bb7741cc999d30117ed4b25d14e7775108a30d57cc152bcccc6dbd0da05599225d077ecf1ab94dbf665e27492856a13e6db221f0279af85fc0

    Score
    8/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks