Analysis
max time kernel: 147s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23/07/2024, 18:15
Static task: static1
Behavioral task: behavioral1
  Sample: defender-control-main/research.ps1
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: defender-control-main/research.ps1
  Resource: win10v2004-20240709-en
Behavioral task: behavioral3
  Sample: defender-control-main/src/defender-control/imgui/imgui_widgets.vbs
  Resource: win7-20240708-en
Behavioral task: behavioral4
  Sample: defender-control-main/src/defender-control/imgui/imgui_widgets.vbs
  Resource: win10v2004-20240709-en
Behavioral task: behavioral5
  Sample: defender-control-main/src/defender-control/main.js
  Resource: win7-20240704-en
Behavioral task: behavioral6
  Sample: defender-control-main/src/defender-control/main.js
  Resource: win10v2004-20240709-en
General
Target: defender-control-main/src/defender-control/main.js
Size: 1KB
MD5: 0b0addf87fb13ecfe4d042a4a127374c
SHA1: b99586c6a6197159584083c4756d0e01e81ada98
SHA256: 9374aef862cca19b973a84cb6bf22fbf0648717426563e0e422579169c22c79a
SHA512: f35d324d15cc3feccb4c1c0e2068960a8663ca71c363e7a58023d928acab28b1ae23d8a37d193ff1ed90bf31626a74d4c96d8c2799e05faa143a78201524f955
Malware Config
Signatures
- Command and Scripting Interpreter: JavaScript (1 TTPs)
Processes
- C:\Windows\system32\wscript.exe (PID 3796)
  Command line: wscript.exe C:\Users\Admin\AppData\Local\Temp\defender-control-main\src\defender-control\main.js
- C:\Windows\System32\rundll32.exe (PID 2492)
  Command line: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding