Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

!!BEST TWE...he.exe

windows7-x64

1

!!BEST TWE...he.exe

windows10-2004-x64

1

!!BEST TWE...ng.bat

windows7-x64

1

!!BEST TWE...ng.bat

windows10-2004-x64

1

!!BEST TWE...SE.bat

windows7-x64

1

!!BEST TWE...SE.bat

windows10-2004-x64

1

!!BEST TWE...me.lnk

windows7-x64

3

!!BEST TWE...me.lnk

windows10-2004-x64

7

!!BEST TWE...rs.url

windows7-x64

1

!!BEST TWE...rs.url

windows10-2004-x64

1

!!BEST TWE...rs.url

windows7-x64

1

!!BEST TWE...rs.url

windows10-2004-x64

1

!!BEST TWE...rs.url

windows7-x64

1

!!BEST TWE...rs.url

windows10-2004-x64

1

!!BEST TWE...Us.cmd

windows7-x64

1

!!BEST TWE...Us.cmd

windows10-2004-x64

4

!!BEST TWE...ll.lnk

windows7-x64

3

!!BEST TWE...ll.lnk

windows10-2004-x64

7

!!BEST TWE...ps.lnk

windows7-x64

3

!!BEST TWE...ps.lnk

windows10-2004-x64

3

!!BEST TWE...er.ps1

windows7-x64

3

!!BEST TWE...er.ps1

windows10-2004-x64

3

!!BEST TWE...er.ps1

windows7-x64

3

!!BEST TWE...er.ps1

windows10-2004-x64

3

!!BEST TWE...ck.ps1

windows7-x64

3

!!BEST TWE...ck.ps1

windows10-2004-x64

3

!!BEST TWE...ts.ps1

windows7-x64

3

!!BEST TWE...ts.ps1

windows10-2004-x64

3

!!BEST TWE...or.ps1

windows7-x64

3

!!BEST TWE...or.ps1

windows10-2004-x64

3

!!BEST TWE...il.ps1

windows7-x64

3

!!BEST TWE...il.ps1

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32e0ac27e012842548302513bc20fcf5.bin

  • Size

    121KB

  • Sample

    240701-bwqd3avhlj

  • MD5

    32e0ac27e012842548302513bc20fcf5

  • SHA1

    f8d541037cf654940d624aeedda9915185cc802e

  • SHA256

    2b40d424237ca996aeb4106ede91f3a831dc106781f7f79196fe10b9efbe98de

  • SHA512

    9e16b6f5b07befd39dc9d86e6adde6cfa1ddb40d19875a3687ba80e3b36d22f32b68c34169df57f0ff4dec2d9a4251eb6ff0479673d34a41f05b5164d0a1b1d2

  • SSDEEP

    3072:ZtnkjoZW1MgsAzptMNMS3y+zfnyjzv6lWLYMj:Lk8Z6vMNZDyjuS

Score
7/10
execution

Malware Config

Targets

    • Target

      !!BEST TWEAKS/PC Cleanup/Clear Memory Cache.exe

    • Size

      136KB

    • MD5

      3555e25964bf8e983e863daaf1e4d0d6

    • SHA1

      de5133bdbb40cfb0119dec5ac54dfbbff21b47d0

    • SHA256

      6d2b18f8a8ba787d3fa4c6e36ed6c7af66b10083ce555a21ec24b2ada3821cbe

    • SHA512

      c0c9d78ea79ca4e06716dab2497843c730e53101872f855671423b5feff0ce06e1db0519fe7710f673b21ae6cd51e6eba443697ef8798e755868f39282c2ac54

    • SSDEEP

      3072:iOXQAmidaOUNM18K6QgNjgO+SkNn6P7Q2k/9KORSGhY+HlnrLNX2z4Yb15qDxG1:1vzUN12gNk8kNXD4

    Score
    1/10
    behavioral1behavioral2

    • Target

      !!BEST TWEAKS/Registry _ Batch/Disable USB Powersaving.bat

    • Size

      518B

    • MD5

      d8acddee643d3140daf6da682f37d120

    • SHA1

      850731dec96cc29c2776f225cf286a65b5484cf3

    • SHA256

      710fcbc4bd41fd8649b673d3d3b582246e44465e172eb6f148d0e0e01c34e25d

    • SHA512

      95390224b68f68598e6a60782e2840fa981a8611b38577a4f06d67c1e38125923486155fb492bd9099adf993b68325ac958b13487a6d09dd10d0573719a15092

    Score
    1/10
    behavioral3behavioral4

    • Target

      !!BEST TWEAKS/Registry _ Batch/EnableFSE.bat

    • Size

      449B

    • MD5

      55d6c6bc4bcb289fa38b279abae4cdd5

    • SHA1

      1b338d5b1f992e2a44e0a9bd52f6908f4ad44125

    • SHA256

      84000ccc7ea1a576cb5a35430b219bccc40b521eaf9befca0f06d3447720d5a3

    • SHA512

      a49109c49c52a9aae3738fc20bdd2ab5c990056b985dc0ee42b908f8b97356705b4d6b349c3d4bc4b865d954aed6daf3d03c4f5f7b0b56058ad3e9ee652e0548

    Score
    1/10
    behavioral5behavioral6

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/# Get Network Drivers/# Get Network Adapter Name.lnk

    • Size

      955B

    • MD5

      aa5867f911fb896987b51e49d8d5ef3e

    • SHA1

      b9ecc79da1f3a173c902365dc2241dfa4562c3c7

    • SHA256

      1fdbccc0e6bac7303f23427650c180384e25d633fd8fdfade1443bb476765f09

    • SHA512

      f538c36075f43c2da3fb0d0d260dd349bf942f14b826dfa0c5872363d225856a2d69bd10fa951c9aa0223fb5eef9de47b084d7ebcbc8eef5db8e9bf1bb9b620e

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral7behavioral8

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/# Get Network Drivers/Intel Ethernet Drivers.url

    • Size

      190B

    • MD5

      eb6bc5c78715468bf171357e990dd197

    • SHA1

      6e51c17a146bb570356fca82be5f35d307b28b4d

    • SHA256

      084f89d5588b1042a1447f52e5ed396141832cf76eb5787e5c8aa812270ca61b

    • SHA512

      e406720519052a9b9f594a520fb58cb0bb84da8dac010e3f2938f79ce94acc21145ad5133e47188134aec53707ca16de8544dfdfc54dc8e3e3e3aab30667aefb

    Score
    1/10
    behavioral10behavioral9

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/# Get Network Drivers/Intel Wifi Drivers.url

    • Size

      200B

    • MD5

      9d5f268b7ce9472543a95a51d85f3883

    • SHA1

      324ae6f84a2fc3b757ae7277bb89bbec5405f849

    • SHA256

      b6002afd89ed5d15108f54af0827627364cd155ddcea476713944b9aa4b1d4b2

    • SHA512

      c0466a039abad203c655dae9b31b3abbc2be72028d04da675c933df82a4e75ce53d8154a36f98f3a92baca751733300771111a12f1c00b2b4787933e4f574963

    Score
    1/10
    behavioral11behavioral12

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/# Get Network Drivers/Realtek Ethernet Drivers.url

    • Size

      230B

    • MD5

      dda747640555de39dd547cdc59daca4e

    • SHA1

      30c11b1197573b74b2e4719aad03df3bb1bf9fd8

    • SHA256

      41df6e5e4570040cb80ec44aa150e9d968ec1eb65e34a6fc69d1e4675d3c60cf

    • SHA512

      341cc21fb2d466d1338fb14f9b0900fae030dba54913638ae16426f3e0bb4ba5da292318c4473746db8ea7cea1dc34f4e343646e691e0564cbc8ffa7c55444ff

    Score
    1/10
    behavioral13behavioral14

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/1 Disable WUs/2 Disable WUs.cmd

    • Size

      763B

    • MD5

      4d7ad463f41e3489cfa8ec4327a67166

    • SHA1

      b6424856de31b9bf49b2f354186e7f8598802b3b

    • SHA256

      35e2e4cfae6c8e936cef2b3cf2ce179687eef3ad89e8746e81cc228b5588a090

    • SHA512

      01bcc635644cfaf1f8673098b301e0d25e9adabb1b5c3b448041f1edf5bf43c82e2286c992079407916a875d5a9d1c1f152779883e456626a3940d20aec173d6

    Score
    4/10
    behavioral15behavioral16

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/# Revert/PowerShell.lnk

    • Size

      1KB

    • MD5

      f7402e4857e9a54bba970d7e183b16d6

    • SHA1

      d90b269f41658a983296e34c5ec7ab662d9a44fd

    • SHA256

      8613bef0a047daea190397d80fa6c8cb2f056654873716f67dd0852fb82dfba6

    • SHA512

      b254a4be98b1cda1e50b03cc4309b41257072c7e2db72867278397edeaca912521846afb23c19f34b77d4024437d78930163d9560beed76dfdd38faa9fdf43eb

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral17behavioral18

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/# Uninstall Apps.lnk

    • Size

      1KB

    • MD5

      22e365a15c72c3e46bb1ffef6963a768

    • SHA1

      d7403e51adcc238051079bd4a9f8d28d2ebecfb5

    • SHA256

      bd12955939c4d655e7cb6ade2a5f72164891472dc19f21a35c101d0cc2c08631

    • SHA512

      cb7ebce712d2e83fab652c0e635efdb8706faea416446303832291dc6d37ae980356de5c79a09966a21b8c920411095dd1a69e7ec0b07dc4ccc00e4c11d40a02

    Score
    3/10
    behavioral19behavioral20

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall 3D Builder.ps1

    • Size

      48B

    • MD5

      11121ad9465776c6a8dff27c2c738614

    • SHA1

      dbe4fb4e07be57e5c045e472b0a553271698fb83

    • SHA256

      22e5edab986e2f586d5348aebd733998aa2aeb7ffb16b2889c4bff66e8e4554f

    • SHA512

      6907e123ef3a7592b5b5aba710f04be389595ceda212c3440c20e94824506990a5edf2f93f88c8b8c46662eb237f4b7b356d610a315d14e0c10c221657fdd989

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall 3D Viewer - Mixed Reality Viewer.ps1

    • Size

      66B

    • MD5

      407c9ee27cbee4c395e06bf919e0b370

    • SHA1

      748c733d355556be0b3f9873b04003cc38783a54

    • SHA256

      5dc334e6f2d4d01e0008021341d7d9494853aa4bb44beefbd73617eeec3cdb7a

    • SHA512

      01e407df748bb290cfa167e79f74dbffcfceff13bf99d9fce4b6ac3b9b9d198d659e9fd01e053dd52dd02e58535f1833880305765b6a61068184c44ff2bb33cb

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall Alarms and Clock.ps1

    • Size

      52B

    • MD5

      8150acfb0c1a8e8d46112fe1505777ea

    • SHA1

      11c5a1206eb75d5d85b240ea41a1a10db56e8364

    • SHA256

      183ec0fcf55b1f90076d7b4225bf566f66b2f8676d1322804e20c740f4b0ef27

    • SHA512

      8c1a5cd3ea5bb8a93acdd230c41e26bdc22f97cea4aec9fc51e30521fb6ed820e1d13766f8860a5fa5aab174de3b8647bc58c1cee8dfa8c00eb95eb9708d4c9c

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall Bing Sports.ps1

    • Size

      49B

    • MD5

      aa042c21446e41f08f558db0631d0674

    • SHA1

      bbe97a984733f000f310815bdfcd88c6dab953b2

    • SHA256

      3f20c6d6c412df1091c2d833f89f7c3396d678a2a87a9d0da1eab47cde53e5f8

    • SHA512

      b547e04d65395916d0574d5bd7abffb72bfaeeb41038be6ef159b2db1857c7c703de49f6a74dae0e76dbf098dfc78df393689e0d4417ba1b7b155a2b1ca4e9fe

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall Calculator.ps1

    • Size

      56B

    • MD5

      688d5882048ab35eb0cc7282f651e383

    • SHA1

      cad2d65dec767bc0f3175c3af731cb7f4430603e

    • SHA256

      c9f044fe093d15891d18dabb8be9738e3ccc1ab0c0a49b24d597ac66dc4ac6d8

    • SHA512

      1031188deb7e626e7fbde522c89507b3a487b9a9646ca17c11710edcb8da78e7b0c46df62bf4779abf433dd451df77b5487febecd2ef78a61355f12dadbd7263

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      !!BEST TWEAKS/Windows Post-Installation Pack/2 Debloat Windows/Safe Method/Uninstall Calendar and Mail.ps1

    • Size

      64B

    • MD5

      116e644b41be7d528d5333e3ad02a459

    • SHA1

      b2ff56b0fb10b6c6ceba5b9255863ad15d9713ae

    • SHA256

      890f6e0ef25c44028ae0b0d6b547fd743c79d26da69f397c9afe509eb1f905a2

    • SHA512

      240ab2a8c5bc25349c69321931e9dd987628d4421218375bc5d36d31e0a1167adce23344e56654560f69efb12a1dff1729ff2e7b2ad7a4c38b472fefbdd02b37

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
3/10

behavioral8

Score
7/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
4/10

behavioral17

Score
3/10

behavioral18

Score
7/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10