Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

Update (1).js

windows7-x64

8

Update (1).js

windows10-2004-x64

10

Analysis

  • max time kernel
    3s
  • max time network
    1s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 12:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Update (1).js

  • Size

    3.9MB

  • MD5

    c4aefe9f1ce6862df4f981938a2147f1

  • SHA1

    21e080d2a38237413aad3d5fa5b54307430eb864

  • SHA256

    7f76bf19775cb619c66e6636e463fb75f8d2e1c279c7d02806eb5d0674728b02

  • SHA512

    c274cca49452500c9e5cdf4316a9be130df1a2b54e376ba23d2ba9f14fb5d01f30afc4b5aeca184c11a5eba6f7eef8c851c843083b0ee8c474ad1765b49021d8

  • SSDEEP

    49152:6sz6FvpOiHY7sz6FvpOiHYXsz6FvpOiHY7sz6FvpOiHYnsz6FvpOiHY7sz6FvpOQ:60WQ0Ws0WQ0We0WQ0W5

Score
8/10
execution

Malware Config

Signatures

  • Blocklisted process makes network request 2 IoCs
  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe "C:\Users\Admin\AppData\Local\Temp\Update (1).js"
    1⤵
    • Blocklisted process makes network request
    PID:1648

Network

  • flag-us
    DNS
    writeindia.com
    wscript.exe
    Remote address:
    8.8.8.8:53
    Request
    writeindia.com
    IN A
    Response
    writeindia.com
    IN A
    37.1.210.252
  • 37.1.210.252:443
    writeindia.com
    tls
    wscript.exe
    348 B
     219 B
     5
    5
  • 37.1.210.252:443
    writeindia.com
    tls
    wscript.exe
    288 B
     219 B
     5
    5
  • 8.8.8.8:53
    writeindia.com
    dns
    wscript.exe
    60 B
     76 B
     1
    1

    DNS Request

    writeindia.com

    DNS Response

    37.1.210.252

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.