Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

triage-script.ps1

windows10-1703-x64

8

triage-script.ps1

windows10-2004-x64

8

triage-script.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    triage-script.ps1

  • Size

    469B

  • Sample

    240713-w4b7mavakc

  • MD5

    4d9aeeaa55aeb1d404829c44580a32ce

  • SHA1

    e0a04c1350f1c62919384c0772f94c45aa04daac

  • SHA256

    73f99a2a01279e2157b6bc6c16852fc359b9059460fc679cd817a82fafb99579

  • SHA512

    c997c6b8a4af23566d735d9f34b9cc73da5df22eac0f50836a1d467c05eba007f4bc8d1ad1faf79ac62740f37de1362e99ae4c6b495ef751d9a74b25b931a2c9

Score
8/10
execution

Malware Config

Targets

    • Target

      triage-script.ps1

    • Size

      469B

    • MD5

      4d9aeeaa55aeb1d404829c44580a32ce

    • SHA1

      e0a04c1350f1c62919384c0772f94c45aa04daac

    • SHA256

      73f99a2a01279e2157b6bc6c16852fc359b9059460fc679cd817a82fafb99579

    • SHA512

      c997c6b8a4af23566d735d9f34b9cc73da5df22eac0f50836a1d467c05eba007f4bc8d1ad1faf79ac62740f37de1362e99ae4c6b495ef751d9a74b25b931a2c9

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks