Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

107671216610864.bat

windows7-x64

10

107671216610864.bat

windows10-2004-x64

107671216610864.bat

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    107671216610864.bat

  • Size

    517B

  • Sample

    240630-3awgqsydrf

  • MD5

    ac9d73455d58bfa42f81e718b8c8d6b5

  • SHA1

    60040fff333b7bc09b22e5c013f11b8a99555ed3

  • SHA256

    4a084dd6b556a67848483a5763f8d3eebadc0527f804f102f7f944b23b31cb12

  • SHA512

    ad24994554a8e6bb68f5ca80b1c53379f7a577964165f56d2f6bef14340fec3d0f17d14faa2db4651776a83bd5686f26ee59080ee2a16d0468b8d38504e460b2

Score
10/10
evasionexecution

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://rentry.co/regele/raw

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/xmrig.zip

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://github.com/xmrig/xmrig/releases/latest

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://github.comDownloadString

Targets

    • Target

      107671216610864.bat

    • Size

      517B

    • MD5

      ac9d73455d58bfa42f81e718b8c8d6b5

    • SHA1

      60040fff333b7bc09b22e5c013f11b8a99555ed3

    • SHA256

      4a084dd6b556a67848483a5763f8d3eebadc0527f804f102f7f944b23b31cb12

    • SHA512

      ad24994554a8e6bb68f5ca80b1c53379f7a577964165f56d2f6bef14340fec3d0f17d14faa2db4651776a83bd5686f26ee59080ee2a16d0468b8d38504e460b2

    Score
    10/10
    evasionexecution

    • Blocklisted process makes network request

    • Stops running service(s)

      evasionexecution

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks