Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

trustedinstaller.bat

windows7-x64

10

trustedinstaller.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    trustedinstaller.bat

  • Size

    3KB

  • Sample

    240723-yezmqsxcnf

  • MD5

    a342c02d8b85d351af8871776fc67dd7

  • SHA1

    4b7c7e5697cee05354f0902a3c40d35c7c892a7d

  • SHA256

    9802eda5439017e0b2fe42d53bbeac75176c52b4383e33d1a4cb445a00b16b8b

  • SHA512

    7ae1f71e87dc52c2dd640c025ca623304e28717119c52107163d905e8f17d6a20de243e6a1cf8f75ab9e797224b47eae199a669e209998620625b20c099657d5

Score
10/10
executionransomware

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://cdn.discordapp.com/attachments/1210857012976680982/1265375003356958820/Untitled11_20240723222812.png?ex=66a147ce&is=669ff64e&hm=a5ecf1bc511891fb8e579dce5e1c76df281f970a2c4b3e920c861ca27b0b0ef7&

Targets

    • Target

      trustedinstaller.bat

    • Size

      3KB

    • MD5

      a342c02d8b85d351af8871776fc67dd7

    • SHA1

      4b7c7e5697cee05354f0902a3c40d35c7c892a7d

    • SHA256

      9802eda5439017e0b2fe42d53bbeac75176c52b4383e33d1a4cb445a00b16b8b

    • SHA512

      7ae1f71e87dc52c2dd640c025ca623304e28717119c52107163d905e8f17d6a20de243e6a1cf8f75ab9e797224b47eae199a669e209998620625b20c099657d5

    Score
    10/10
    executionransomware

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks