General
Target: main.bat
Size: 1021B
Sample: 240223-cs7dvaae27
MD5: 2af9fa8f11372ee57de3a24d8194e933
SHA1: d762d1f8f41d945bed6ede83e0849abe72c45ead
SHA256: a08fbdb03519aba94086698e6b0dfff6ecaf6a1898947319d807c039c8847156
SHA512: a7f86397bb7d1feab2e8c42ffc7b164a0268d619a4cc8058af1d4b4cf61582f0efdae61bf2e292096f4fe2c17cee0913918fb3c866e4f7df81b48a5d7d66377d
Static task: static1
Behavioral task: behavioral1
Sample: main.bat
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: main.bat
Resource: win10v2004-20240221-en
Malware Config
Extracted
https://discord.com/api/webhooks/1210399637668888596/sq9DmWnxKx2Vge5EqmBBpL4Aiwl-hN_Dl0SLT0SDUAgRwBDBJETln7hznNqAh7pHoi4V
Targets
Target: main.bat
Score: 10/10
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.