General

  • Target

    Telex88357 pdf_lnk.lnk

  • Size

    2KB

  • Sample

    240615-jptf5swgjr

  • MD5

    f74968ddce728020a6b4a1378bbf4d41

  • SHA1

    ba807d98906bf7dc33eb237c4da13162f599b595

  • SHA256

    ec99d76761dc1fc2cb6c25f92f80764331e04e060dcf21a228379ad138006d50

  • SHA512

    4a226c31e74305594a34053b5cafa5d11ba37835c7c631734a2d8a0b65f1de85126b76a6befd0901386a1d986d1b5be1e311a9bfea952017e1eb658b37869b82

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://mbycket45344.s3.eu-north-1.amazonaws.com/pcor.bat

Targets

    • Target

      Telex88357 pdf_lnk.lnk


    Score
    10/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
