General

  • Target

    Temp Cleaner.bat

  • Size

    2KB

  • Sample

    240802-x2sbhawgmr

  • MD5

    ec35c8fdb352d85df9d1c074b36e2196

  • SHA1

    ba3eac35af48eb8492fa98ec19ab69e45aa7e211

  • SHA256

    d6b864d472efa77cbc6179e14e2172945ea1825860a5718dac6f0b835c9b2f01

  • SHA512

    c7a84a581146a68e8061ffd6efcd6b8e84019bb7c2f1da5e105eab887636b5b6763ef2cf9e756a0df3171e6883784d59bffc1b45ea95e4873d9e4f6126252bd1

Targets

    • Target

      Temp Cleaner.bat

    • Clears Windows event logs

    • Deletes itself

    • Legitimate hosting services abused for malware hosting/C2

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
