Resubmissions
12/07/2024, 07:45
240712-jldlhswhmg 8
General
Target: I-MY-5323785035-D03395124_20240711081006.vbs
Size: 34KB
Sample: 240712-jldlhswhmg
MD5: 957d64e4f6f9fd73176ea4a218026624
SHA1: 2a53d35c9eec815702514fe59b80ad762dc52a9d
SHA256: ebab8d1c2d8ea94b1c9a4025ef1fca0f23e957ac68575f085731c7459d9bd16f
SHA512: 0a9e42d2c1f64c236ebfaac715ffb9abf9334efb1405c016d6fc04d5c164165b01b4d886c48ae0a9d74e1b214676bff9c618bfbdece5212d4035e03a6c406350
SSDEEP: 768:bhzMKHJtZV0FakVhrbDA617P0yPyPUtHw6bOjy310Y0T9ZOfXq:b+KYhrzYyPgEgZj
Static task: static1
Behavioral task: behavioral1
Sample: I-MY-5323785035-D03395124_20240711081006.vbs
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: I-MY-5323785035-D03395124_20240711081006.vbs
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: I-MY-5323785035-D03395124_20240711081006.vbs
Score: 8/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext