General
Target: 78c839524d9027043b84f28cae2b5d3f376f6318d29732ebc553a4a6595eff00.vbs
Size: 25KB
Sample: 240607-b9c1wsff7s
MD5: ecdc12be2020c1f7e5717bc672a55037
SHA1: f20edefa4b90096e9a6c3fa52c83a36f1d29c139
SHA256: 78c839524d9027043b84f28cae2b5d3f376f6318d29732ebc553a4a6595eff00
SHA512: 2478158edcdbdd9dab60fe942acc69465c8ecbf727cfc34180a3519380f40d789a9f0d726677014a313c074b9ef855028de7283da8dd7499e631355ba7bb8a76
SSDEEP: 384:Gxk2uAnx4nmWDO2xOoNfSWuEBINfPDlrqhqW8J8fIKy+j6YwZ/FPT:Gq20xDpdNaaBKfPhCqWNRy+j6PXT
Static task: static1
Behavioral task: behavioral1
Sample: 78c839524d9027043b84f28cae2b5d3f376f6318d29732ebc553a4a6595eff00.vbs
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 78c839524d9027043b84f28cae2b5d3f376f6318d29732ebc553a4a6595eff00.vbs
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 78c839524d9027043b84f28cae2b5d3f376f6318d29732ebc553a4a6595eff00.vbs
Score: 8/10
Adds policy Run key to start application
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext