General
Target: AWBSHIPPING-DHL-46T6R9764987.vbs
Size: 42KB
Sample: 240430-lsyalshf5s
MD5: 13c8293c8c161c3c2572a39f2591520a
SHA1: a7c9097d4fc7911db572e1be818e1b9fd6ba9a13
SHA256: 014fa04a5028251ea8ed900339ff91f3a040914ef9ceb8b342d7da22aef09119
SHA512: d8add90901ccbc9b62d2a2e5a21cc316475cab94a7ae2e7c900d81a6d7ba67db6d57861d184b847f4fec19065ef76ab6e937d6eec5235051b588ed344d007c95
SSDEEP: 768:y5jl4SycO0mAWbs1SDsqc59+yXs6r+aTpJZSpVXQ8hcc2gGxy7qk4aQ1DVkzP/R4:y5j+NcOZAWbs1SgR59lrBJSnX5QhxyzC
Static task: static1
Behavioral task: behavioral1
  Sample: AWBSHIPPING-DHL-46T6R9764987.vbs
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: AWBSHIPPING-DHL-46T6R9764987.vbs
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: AWBSHIPPING-DHL-46T6R9764987.vbs
Score: 10/10
NirSoft MailPassView: Password recovery tool for various email clients
NirSoft WebBrowserPassView: Password recovery tool for various web browsers
Nirsoft
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Accesses Microsoft Outlook accounts
Adds Run key to start application
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext