General

  • Target

    9e544c53dffc7c410220f17bc3a9f96f83f98a2bcdaa882183408d5194bf6a9e.vbs

  • Size

    23KB

  • Sample

    240312-dgwnmsed5x

  • MD5

    d6695915f760321b845a2816f656e663

  • SHA1

    4b7059d4d43e11a86c3df728f362f4c8446dfc42

  • SHA256

    9e544c53dffc7c410220f17bc3a9f96f83f98a2bcdaa882183408d5194bf6a9e

  • SHA512

    b5b9f34a1ecbfdc744564699b5588412296aac865de1439e9357af17c7ff64c0ddcd960bfb3adcafd014a052f077535c419d2a96e25d90552951a5152c89c724

  • SSDEEP

    384:jrgkau2izS+8ScLLSYxmdIPEwOcFtGiuMcXx5qeBmkgQvZTygL4fKnqvWpsToSFH:jrgkau2iu+8ScLLSYxwIPEwOcFtGiuM1

Score
8/10

Targets

    • Target

      9e544c53dffc7c410220f17bc3a9f96f83f98a2bcdaa882183408d5194bf6a9e.vbs

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2
