Resubmissions

23/02/2024, 02:26

240223-cw8fbaaa2x 10

23/02/2024, 02:21

240223-cs7dvaae27 10

General

  • Target

    main.bat

  • Size

    1021B

  • Sample

    240223-cs7dvaae27

  • MD5

    2af9fa8f11372ee57de3a24d8194e933

  • SHA1

    d762d1f8f41d945bed6ede83e0849abe72c45ead

  • SHA256

    a08fbdb03519aba94086698e6b0dfff6ecaf6a1898947319d807c039c8847156

  • SHA512

    a7f86397bb7d1feab2e8c42ffc7b164a0268d619a4cc8058af1d4b4cf61582f0efdae61bf2e292096f4fe2c17cee0913918fb3c866e4f7df81b48a5d7d66377d

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://discord.com/api/webhooks/1210399637668888596/sq9DmWnxKx2Vge5EqmBBpL4Aiwl-hN_Dl0SLT0SDUAgRwBDBJETln7hznNqAh7pHoi4V

Targets

    • Target

      main.bat

    • Blocklisted process makes network request

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
