Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Temp Cleaner.bat

  • Size

    2KB

  • Sample

    240802-x2sbhawgmr

  • MD5

    ec35c8fdb352d85df9d1c074b36e2196

  • SHA1

    ba3eac35af48eb8492fa98ec19ab69e45aa7e211

  • SHA256

    d6b864d472efa77cbc6179e14e2172945ea1825860a5718dac6f0b835c9b2f01

  • SHA512

    c7a84a581146a68e8061ffd6efcd6b8e84019bb7c2f1da5e105eab887636b5b6763ef2cf9e756a0df3171e6883784d59bffc1b45ea95e4873d9e4f6126252bd1

Malware Config

Targets

    • Target

      Temp Cleaner.bat

    • Size

      2KB

    • MD5

      ec35c8fdb352d85df9d1c074b36e2196

    • SHA1

      ba3eac35af48eb8492fa98ec19ab69e45aa7e211

    • SHA256

      d6b864d472efa77cbc6179e14e2172945ea1825860a5718dac6f0b835c9b2f01

    • SHA512

      c7a84a581146a68e8061ffd6efcd6b8e84019bb7c2f1da5e105eab887636b5b6763ef2cf9e756a0df3171e6883784d59bffc1b45ea95e4873d9e4f6126252bd1

    • Clears Windows event logs

    • Deletes itself

    • Legitimate hosting services abused for malware hosting/C2

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

MITRE ATT&CK Enterprise v15

Tasks