General

  • Target

    5baa5dca1583315a7add9e550dde40fc

  • Size

    46KB

  • Sample

    231226-hzha7aaedl

  • MD5

    5baa5dca1583315a7add9e550dde40fc

  • SHA1

    b3860a972400764b183cf501908a3f1e15934f50

  • SHA256

    0b82619071f194db8381fe5253b0c11d3f0eb951c85f944d679faed1b249a112

  • SHA512

    f72a1360efa1c646e14c300e4d3f45082e84c1713926287850e3bc6679ffb425fa0ed196a89685600e33626923d06fab0f3119970737dcb26108fdca6dd7f066

  • SSDEEP

    768:b0lr8TfPbTIrujrXENNJU0izu3tm/2/aO597RQCgHTZfA3CCY1:b0uTPTjzEN8OWUaA9VPgHTZH1

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://smart-integrator.hr/pornhub.php

Targets

    • Target

      2021APT-28_71700453.js

    • Size

      109KB

    • MD5

      f6a393d8108626ada8accd41aeda7c15

    • SHA1

      dce9fa178fe5ac244d759a6e2a2a3847463406da

    • SHA256

      d1fa39c36a3c6bb33f2cfb305537720415eafa40c5621233654382c5247b7802

    • SHA512

      b32744b28ceeb2202445374bc249015e914099f5d47aec073825ecc17efe3adbe5e199d7459bda51a8dfd8b43699f64ea299215feadfe5b8b82af8302f53af51

    • SSDEEP

      3072:DUB0+wbwRBneQ9Ry98guHVBqqg2bcruzUHmLKeMMU7GwbWBPwVGWl9SZ8kV8Gd51:hRnQ9Ry9RuXqW4SzUHmLKeMMU7GwWBP5

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
