General

  • Target

    Invoke-Mimikatz.ps1

  • Size

    661KB

  • Sample

    240429-pnb4csah4x

  • MD5

    a09639208ce794ec515a1f04346fc5ef

  • SHA1

    3d57d4a3e4f614aca0bb208fb11f0c673b3e45cb

  • SHA256

    1b441fde04d361a6fd7fbd83e969014622453c263107ce2bed87ad0bff7cf13f

  • SHA512

    b2b4b71dc8b641bbd2578aa4ac38f8c9b7d89f47e76eec74ab41db17a4356b802fb503513e89c5dbf91fef829035851e8685a4567d3356148b81a32fdc40b7ba

  • SSDEEP

    12288:JjyAZ12f9O2Bc8kzpCVYrD6ABwr7uiIN//eFU01Ylbixxn76kjmukmCKZrAiEz6C:JjZ12fhqJNuFUHbiHn76km

Score
8/10

Malware Config

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Legitimate hosting services abused for malware hosting/C2

    • Detected potential entity reuse from brand microsoft.

MITRE ATT&CK Enterprise v15

Tasks