Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    trigger.vbs

  • Size

    75B

  • Sample

    240524-v6qmcsdh69

  • MD5

    520a3ec50de35a52fe49b645b4af9a9e

  • SHA1

    dc244939b8eedae3791b025a1780b9464ede5713

  • SHA256

    cdea919cf913a1cb8aa9ef0dc263ddffaabafab4139b154af0cfa801c00fbfe8

  • SHA512

    f15bd0410081fd396fb6ac2062f9507f155ebb4babcb604ab5acfd38e32dfeabb57fae4a3718b3c614b8f0dcc3bbb62af7fd1375e121050d36ce515ee400db60

Score
10/10

Malware Config

Targets

    • Target

      trigger.vbs

    • Size

      75B

    • MD5

      520a3ec50de35a52fe49b645b4af9a9e

    • SHA1

      dc244939b8eedae3791b025a1780b9464ede5713

    • SHA256

      cdea919cf913a1cb8aa9ef0dc263ddffaabafab4139b154af0cfa801c00fbfe8

    • SHA512

      f15bd0410081fd396fb6ac2062f9507f155ebb4babcb604ab5acfd38e32dfeabb57fae4a3718b3c614b8f0dcc3bbb62af7fd1375e121050d36ce515ee400db60

    Score
    10/10
    • Modifies firewall policy service

    • Modifies security service

    • Registers new Print Monitor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks