General

  • Target

    524110ef91988dee7a38585fe8f846fd4f861be4109f959eb540260625debd7b.rar

  • Size

    1KB

  • Sample

    240624-bhm2sawbjn

  • MD5

    c5fce9f6a01298f74bda96dec150d9d9

  • SHA1

    5384b77b7afe09c78f4561b450c09ea93fd75038

  • SHA256

    524110ef91988dee7a38585fe8f846fd4f861be4109f959eb540260625debd7b

  • SHA512

    2a2d902478199b907fa1a0a632d13316bb4739ee7dd407f89801c1f6bfe4d6d12ca79b442c1393a22595b8ad6e0fdecbd6045b6de8f9751dd0b952dabbb7b627

Score
8/10

Malware Config

Targets

    • Target

      admin.bat

    • Size

      335B

    • MD5

      401de7dcacd7d1fbb53b820a36aadb2a

    • SHA1

      9ab3c572a72130e897eea884790ffbf21a4ce131

    • SHA256

      0bb93a4d9a0b9f697aeaee201e39093100d3fff23ceada1aa3a47596e20f8f02

    • SHA512

      e33e0def7c1ce1f9ca7350fb58385e69181c6ae921b53f45cc83d56ca33452f9913465bb752aefeb15d59e7b69a69505c245e048cb7e32f21e817420ab59bf62

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Target

      admin.ps1

    • Size

      1KB

    • MD5

      6259908a14faf7c75d7998e7582aafd9

    • SHA1

      66c5bc650c36025151b1259085964a3ddf41dc20

    • SHA256

      205d7c0b69b968f0c6092e19e2f0bdc0e656f298f42968e6da9ec746618d8deb

    • SHA512

      e16bb95608bc0ce9e23294039e68f6ed8af4a6525410ca0cfcee85eb42771594f6b1e149276e0c86f1b141600022aea2a305d152fac181efec4d9ac1f1850529

    Score
    3/10
    • Target

      admin.vbs

    • Size

      492B

    • MD5

      fdb3abc6e8942ccd4a09d25d5a169a30

    • SHA1

      b63ae576a7cdbf01b634ad42ab4b3e24276ef88c

    • SHA256

      007059d847f4a7979b86b202468f8afbd13b2d586c1268fdfb4eba711fc22916

    • SHA512

      7b69575d7d80bb8588f9f3d315da5e3198fd50e5cd7fc35ce698e2cba5e08fadccc93b33d61d358555d1b252ef3a91ee4a17de8c3ca2b95297238808fa4de078

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
