Resubmissions

12/07/2024, 07:45

240712-jldlhswhmg 8

General

  • Target

    I-MY-5323785035-D03395124_20240711081006.vbs

  • Size

    34KB

  • Sample

    240712-jldlhswhmg

  • MD5

    957d64e4f6f9fd73176ea4a218026624

  • SHA1

    2a53d35c9eec815702514fe59b80ad762dc52a9d

  • SHA256

    ebab8d1c2d8ea94b1c9a4025ef1fca0f23e957ac68575f085731c7459d9bd16f

  • SHA512

    0a9e42d2c1f64c236ebfaac715ffb9abf9334efb1405c016d6fc04d5c164165b01b4d886c48ae0a9d74e1b214676bff9c618bfbdece5212d4035e03a6c406350

  • SSDEEP

    768:bhzMKHJtZV0FakVhrbDA617P0yPyPUtHw6bOjy310Y0T9ZOfXq:b+KYhrzYyPgEgZj

Score
8/10

Malware Config

Targets

    • Target

      I-MY-5323785035-D03395124_20240711081006.vbs

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks