General
Target: trigger.vbs
Size: 3KB
Sample: 240719-v754fawcke
MD5: 380063939b0d61e119103e115d5dc342
SHA1: 11784f868ecf6a4706a883d77d00dcbd9ccd0351
SHA256: 957d04cab6ebe77caab110cc03fffc90d7841e826e130ff9a904701d411d13d7
SHA512: ecd9f2e96487ae98b5f4e23d2b13d4722f1ca973b6ea29cbb6f3f69459d1d7d6c364f612df84ada94258b68a4e48d364eaf893c1af293375a470e0a7bdb55862
Static task: static1
Behavioral task: behavioral1
Sample: trigger.vbs
Resource: win7-20240708-en
Malware Config
Targets
Target: trigger.vbs
- Blocklisted process makes network request
- Possible privilege escalation attempt
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
- Legitimate hosting services abused for malware hosting/C2