Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

6109277122...60.bat

windows7-x64

8

6109277122...60.bat

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ihre - Rechnung VI2407464.zip

  • Size

    653B

  • Sample

    240715-hpt71atdln

  • MD5

    881cf3af85a26aafffc57a8e6f8329c3

  • SHA1

    1df407d99c476b7f12cb2447cab94331eda1f948

  • SHA256

    cdf6fdf5b8977aa32b3e8cd9385d1d20a79d528a460910bee4cc30fd326a8020

  • SHA512

    22a7b8bc78a1a0134b9cb2953b243fa2feb508c062ade9de69a2f8941a13f1a5a95952f6e5dd2cea3a7d961f741ad6e375f2eae7e3a620ab926ae110c89a0bd6

Score
8/10
execution

Malware Config

Targets

    • Target

      6109277122782425860.bat

    • Size

      2KB

    • MD5

      81443d20af127866a7ae4543a15872c2

    • SHA1

      5d837f0208199aa9ef1eb8cda80a22e5bb42d0ad

    • SHA256

      8fdaa6591a5c8eff55c7170bafdcb99b2e88f625c3c6e0fd540ed94143b2d9d2

    • SHA512

      36b4fd3ab2c47671eb23a17283cc445444436839c4efa805cf1b55581a81ba8064c83742fb9cf199cc2bda0bc6daadfb11d223f94f0fdcff8745fe6f5a4cd49b

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks