General

  • Target

    d02394c2ab7df5957768ce12a6e7e3e38e28b96c62c6a2d52af2693ed40e784b.zip

  • Size

    2KB

  • Sample

    240802-tpzm9svhqd

  • MD5

    d700f1dc2f107a0a7306e6ec9f56954d

  • SHA1

    77600a2d54eebd43e6a15e505a53deb556839a1b

  • SHA256

    e0789527ab4f8ec59edb538dcac4f80a457964a40a2b213fe71a8be49f565e66

  • SHA512

    b62faf76914ed3c2145aa960c1bd732d14d6dbbced7e81c67b8ab9f357977e7b4d2dd671dc2dcaee7788341c3d1ecd3b7f9d0ff4043470b909b1b822c5ea2a9b

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs

    hta.dropper

    https://www.newupdatenew.com/LOCKSA/PDFGOOOOO.HTA

Targets

    • Target

      Contract And Bm link.pdf.lnk

    • Size

      2KB

    • MD5

      5c101777fec7ff1e36a330c5f739901b

    • SHA1

      231ed0c3c869071786e5592422e36f079889c9d1

    • SHA256

      0cee6c7fbe37cb12a8c4416bc916aed3644ad5c09f02641477522a940bfb8d9e

    • SHA512

      b7482f65d7f859c782056caed992f8cadc01be45529ea2e8031e07e3c885f73911262fde1bec8a42cb41c36db5d8b378478133ffa8592661daa73f1e8bc8a70d

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
