Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/05/2024, 01:35

General

  • Target

    bb9203ca1305e47a2ec1443a640efcd5e2c7d11223184639729673579e12967e.js

  • Size

    533KB

  • MD5

    9b86cd448940a50ab43472676dacb5c0

  • SHA1

    1798cb554fb40bfe6dce86759987e1a3b489f73a

  • SHA256

    bb9203ca1305e47a2ec1443a640efcd5e2c7d11223184639729673579e12967e

  • SHA512

    c3861177009fb9d20fe9b95d6e779ac3ede9a599b8a82a1e0df45d2525e22ee1d80111807223a3572b701dd4caa9d680e9dae9419fa7925fcd85bc59ba9e0ddf

  • SSDEEP

    6144:VTgoYSJ9u2EKHnzirPK86zjXKnjXMjHtIfC3YsS61l3wioIfOEu6TcX3soAEiO8u:xgUJsriGrK8ODNp33ZdBfG3mEsmd

Score
8/10

Malware Config

Signatures

  • Blocklisted process makes network request 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 32 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\bb9203ca1305e47a2ec1443a640efcd5e2c7d11223184639729673579e12967e.js
    • Blocklisted process makes network request
    • Suspicious use of AdjustPrivilegeToken
    PID:60
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    • Blocklisted process makes network request
    • Suspicious use of AdjustPrivilegeToken
    PID:2360

Network

MITRE ATT&CK Matrix
