General

  • Target

    857ae746a9d7ce6eb687f8b8a98192902a22311d50f957ca12b0744a2b37db18.vbs

  • Size

    168KB

  • Sample

    240326-c37scsca36

  • MD5

    023e73a33c40349e529d5484217b864c

  • SHA1

    5c419a6cda906ecbb7a5cfd346400f67202afee9

  • SHA256

    857ae746a9d7ce6eb687f8b8a98192902a22311d50f957ca12b0744a2b37db18

  • SHA512

    b0bcb19669a5b8a52ba8a0acb1767a9bc0b643671b9bdcc94b56f5dd70b2b1e9e4f8fa1db1bb03eb6d79878057897c06b4dcd19353f9d7bc08fbb1931d4518e0

  • SSDEEP

    3072:sd4yENVBkYr4LhpVXpKnupn8kH3DPbkhZi3eNRr8O/nGzpwh2RigSavTjbe9K0XQ:sd4yENVOY0NpVXpK68kH3DPbkhZi3eN0

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2
