General

  • Target

    trigger.vbs

  • Size

    3KB

  • Sample

    240719-v7jv7swbrb

  • MD5

    200f9345cf839af7b98457b9e408446f

  • SHA1

    57752503ef0c8afe36376f5b2132582682577b2c

  • SHA256

    03bb5d9425464244cb7574cba9929b3dc0e789916b46f2bf5a8e7b533034475f

  • SHA512

    da53cdc6380854f54abea0a9917220dbf20dca448365eaa17a344eba2b1976aeac0f57acbd6244f5c001b3fb1e6e5d94e4fa6ab0ce4a844856e4d1189d98fffd

Score
8/10

Targets

    • Target

      trigger.vbs

    • Blocklisted process makes network request

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

    • Legitimate hosting services abused for malware hosting/C2
