General
-
Target
09c74dae6a419a7e8471ae37844ad9ca
-
Size
5KB
-
Sample
231224-wg8mbaccan
-
MD5
09c74dae6a419a7e8471ae37844ad9ca
-
SHA1
52a332ba2ffafce27cca50a3250979abc172d5aa
-
SHA256
33af3e0f5884bfae36bf081b9eb0ca696c9d3620e74255f72ef1291983e49213
-
SHA512
ce84df409d661002353ec356ef7686b6e5c941f5353435f9dcfd390a805207dca8de39e6d46bfa1a314b33b33587ebdea876f3a1ed7ce6b77343a998cb54056d
-
SSDEEP
96:f796ASubBbZ+Wf2ZoCWyObdrNvQ9oXMIW4u/vlOuRql0l/QWWXZa+ZBCH7exWujT:f796ZcDf2OCWyo2C0RwP0eXI/HixXsyb
Static task
static1
Behavioral task
behavioral1
Sample
360.cmd
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
360.cmd
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
360SE.vbs
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
360SE.vbs
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
361.cmd
Resource
win7-20231215-en
Behavioral task
behavioral6
Sample
361.cmd
Resource
win10v2004-20231222-en
Behavioral task
behavioral7
Sample
36OSE.vbs
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
36OSE.vbs
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
36O安全刘览器 3.lnk
Resource
win7-20231215-en
Behavioral task
behavioral10
Sample
36O安全刘览器 3.lnk
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
36O安全刘览器3.lnk
Resource
win7-20231215-en
Behavioral task
behavioral12
Sample
36O安全刘览器3.lnk
Resource
win10v2004-20231215-en
Behavioral task
behavioral13
Sample
Internet Exploror.lnk
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
Internet Exploror.lnk
Resource
win10v2004-20231215-en
Behavioral task
behavioral15
Sample
copy.cmd
Resource
win7-20231129-en
Behavioral task
behavioral16
Sample
copy.cmd
Resource
win10v2004-20231215-en
Behavioral task
behavioral17
Sample
cpa.cmd
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
cpa.cmd
Resource
win10v2004-20231215-en
Behavioral task
behavioral19
Sample
ha.vbs
Resource
win7-20231215-en
Behavioral task
behavioral20
Sample
ha.vbs
Resource
win10v2004-20231215-en
Behavioral task
behavioral21
Sample
is.cmd
Resource
win7-20231215-en
Behavioral task
behavioral22
Sample
is.cmd
Resource
win10v2004-20231215-en
Behavioral task
behavioral23
Sample
runonce.cmd
Resource
win7-20231129-en
Behavioral task
behavioral24
Sample
runonce.cmd
Resource
win10v2004-20231215-en
Behavioral task
behavioral25
Sample
tool.cmd
Resource
win7-20231215-en
Behavioral task
behavioral26
Sample
tool.cmd
Resource
win10v2004-20231215-en
Behavioral task
behavioral27
Sample
winare.vbs
Resource
win7-20231215-en
Behavioral task
behavioral28
Sample
winare.vbs
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
360.cmd
-
Size
1KB
-
MD5
67240c407312315393794e9b65d1e8e5
-
SHA1
810b252670834678fdaa057b39e07985a029be7a
-
SHA256
0a29a7d11891968f5a4a6eb615e87a428d5e93c9a48908c7a1de7cf5a40acf22
-
SHA512
897bfb0b8b9ca3a315ff72b9c937aba50ddb88dd28ce3d8f156ccb01d008e566260e317364966fc3fe59a6f78017ad3924f32dd6d4b4a170550edc55b62bd3f2
Score 4/10
-
-
Target
360SE.vbs
-
Size
194B
-
MD5
6b80c52f50e5365d484f500112c8fc4e
-
SHA1
1199341427821b402d5d2047e1c636132cfc1fb5
-
SHA256
934b4f7b2d356ee10e4fa8101d02bd32b9812af08e579b3407309b2102e2e381
-
SHA512
bba9444a31536d3364ca484ed0d167f77d4371cf25d7d0bbe33c154557f957c154a708931eda7fa4bbaac0e7c4150a4dd2021d5ebe73d500f72406eb599359fb
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
361.cmd
-
Size
567B
-
MD5
feb810eaa38eb0890ad2034d322e4c79
-
SHA1
a7c7ddd0bd405b949ddbffed364269d145ee78e4
-
SHA256
e346f4ed81e3e7974c4a9978789fc08737abc4c7318f31d747b1ad23ce5bf800
-
SHA512
f96b5e8129ab8fd4703a2e4bddf4245e9c4a64a8d69663f755386021cb8fd34a75bd0fa53b4579145bf50be2948d9ae5d0f4bdb556ae73b4cc85e6a2130f5ab9
Score 1/10
-
-
Target
36OSE.vbs
-
Size
186B
-
MD5
662f2165658bc093dd1034e1fa967c19
-
SHA1
dfedd96e1beffd2f55a6c695bef3c02d9210c1e8
-
SHA256
8ae7f05d4c5adffd642515452ca81ec561711d244ef075da5fe654fee6528587
-
SHA512
ba3834b019150dbeef6bf423688b37888da75b868621b1f5541c0f4c4df145397d38d9adc26e363a59ea75909aa38d822189b04e87dbaa6273f9a59dba141a18
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
36O安全刘览器 3.lnk
-
Size
728B
-
MD5
5de7d18cf225c0ba1372cf5116e59aa1
-
SHA1
33676f13b1db5ccee2e86051621d885dbf3d67be
-
SHA256
e0165bab67739a877386522ea0ad81fe7efda9761042ce5fec17f2598c46bda0
-
SHA512
51003dc5995d267f32baad7339d18dd69d5c5302026e7ba9921161d42c3691d0c41497a2c865f248c19bc9c24a14844667707dabc0c722baf72ea93b72bbea91
Score 3/10
-
-
Target
36O安全刘览器3.lnk
-
Size
1KB
-
MD5
66638d05f1edfab2f44526e99ec1c08d
-
SHA1
e06b8e5a4969996db01053a5c3558fcbb2065c88
-
SHA256
9303196dce4d4c98c6ea3568b10edacedddfe99ada0179b649383b46b6bac58b
-
SHA512
c3e0a649c8b23bf2ed935146b66b655187c72420e4abffd6cb6cf099ee98aefe84f92db118ab860ea2c3cbb6c78424f025d788548053d9ab3a4f273f156056fc
Score 3/10
-
-
Target
Internet Exploror.lnk
-
Size
104B
-
MD5
b6090a24bad18a0205bb215cb1fd42e6
-
SHA1
da56e637a186333e1fa8401b9600e9efcadbe86b
-
SHA256
5cf73d8ba3a6656e804041884cefc0148c3ef80fd4b8633a6647a033082f15f8
-
SHA512
4ca8a5cd200eaf8d8a023c47e7a279e41279c045bf567b81f95e93ca25d5a51dec2786de98efa5b907ec5633c8400e497f6bcaf636d4591d7c42e21ec3039ad4
Score 3/10
-
-
Target
copy.cmd
-
Size
1KB
-
MD5
505cb6fccd0e15d878b8dcbac64ad4d5
-
SHA1
9b49f5035dd7855646d94bd38cb500805f7829e4
-
SHA256
c4b7e33e97a94a80aea645e8f8601cb3db420bc5a7f828abb93054c2f69341f2
-
SHA512
bc5b17105fbbbaa3af7a8eb0708d379a3206eae93391939584503096a7e8eb260dacb75efe7b82d19fac4c4c2921cc9df36269977cd840c1208905ed08e7771c
Score 8/10
-
-
Target
cpa.cmd
-
Size
26B
-
MD5
70d1fda1955129df6366d9736fc6708d
-
SHA1
5c408345b15dfd6e9f68694f5d27ba5e1107fd98
-
SHA256
bcb64c2630830a92cda12c8cc449183d663eced283d351877b93956cf352ee3e
-
SHA512
52d0d16eb39d229667dce1fa4119419fb8e1736ff0b953e8f1cbfca594a71a30b65e63923aa591380603578ccdde6ed817ff29fe38f0f9ee9db9495991437958
Score 7/10
Deletes itself
-
-
-
Target
ha.vbs
-
Size
1KB
-
MD5
97b8dddd4361596cdeb6851a0639d834
-
SHA1
7f35a8018d53777c449b9703a867c0f41b542e62
-
SHA256
fa554b0be47bc18d0992bf700e8495ad29237d88413faac60cc1850a51dedb80
-
SHA512
d3103e2bd9c5e272ae7f80e27c62ca70ee06adb6b6c85b2c60f34e781ed54f140caa1cb4f0787256e4e66cd47dd4047cee0bb50a13bac581a05f47d904009f4b
Score 8/10
Creates new service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Registers COM server for autorun
-
-
-
Target
is.cmd
-
Size
95B
-
MD5
5b3aca86e0c9eaf57e4d29f4a9f11571
-
SHA1
2300ea98a75fdb1f8c72da8a758a1885e4441469
-
SHA256
4cc6b5c204f0568f51ad13a04e4b3522256c558f36c656d5038b1871aacdb308
-
SHA512
eba2b1725c68584d5521e945a5f004216fa4b9267f2c6d39cdfeb7b4c8ed17a287be75c5b2f8147d785c35e69835de429365a212f0ed51c904c49a9efddd18a6
Score 1/10
-
-
Target
runonce.cmd
-
Size
11KB
-
MD5
6e419580c83dc37ea0d4180edf970d8d
-
SHA1
925a3a9bb26c499419a9af243bc2c7cc8269057d
-
SHA256
b9106c1bfd52fc13d097951b44d3f6f2023f5e31e9bbbf8dbccf8aad3b6adcd7
-
SHA512
9021fff118365e8d384ef7ac41779ea6eca60ff30da2d8d1e36a8382594847cb6bfdd0d614cee3c2cba6c20b998020dd2289ec642b6380691b0e8548046cd3a7
-
SSDEEP
192:/g5FLWfHOgMRFRY2GzTjiUY1pNcaSnnvmIUJYI53TWOC799AGDvUOF5QxyJtQmFK:/g5FLWfHOgMRFRY2GzTjiUY1pNcaSnnm
Score 8/10
Creates new service(s)
-
-
-
Target
tool.cmd
-
Size
3KB
-
MD5
d7eece295819ac643894e11ec290fc16
-
SHA1
eaf976563ab1d54ddbb538846f21d80663c0482b
-
SHA256
00057dbc21e30cd983f4428934333acc1243bef2a7ae3e89ccfed37aaea35aef
-
SHA512
61602cd5b19a9f3d65c52ec8b393081949167496ec02420fe403e5ee63a3f59f29d367246af4a6ba3a6437ea46759315f6e1721fbd44f84878b548e61d261036
Score 7/10
Registers COM server for autorun
-
-
-
Target
winare.vbs
-
Size
995B
-
MD5
ca800c94c5577bfe494c00298f8d4bc4
-
SHA1
41aef2500e443dc7a1c614ad8a38dfd1035a728f
-
SHA256
e4004d757e7cb870d7846ff7dd328afba5a2dcc49e7fbe73c0d1c42e720d56b4
-
SHA512
ef38e3973685b3ad5bf4ca50858b6ca24756ea63eef955af2e9ae3d7cc86659ef37267e4bbbca938b143fff692ac65dfe64c37d9fd9ae6598650d8505dfb3bcb
Score 1/10
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Hide Artifacts (2)
    Hidden Files and Directories (2)
  Modify Registry (2)