General
Target: 3240b0d0e5fceec67fa4508b25ada5f3.vbs
Size: 7KB
Sample: 240818-p1181stfna
MD5: 3240b0d0e5fceec67fa4508b25ada5f3
SHA1: 62faca3413e8428174de83064efae2151ec54d6b
SHA256: 40835a10f1c026f59a342d343157b8d664332379729fdf176bca90f34f18553e
SHA512: 0ed461a32300b1ab7a938c6d015512bf7d12761dd42a6ff775dcc8ec82f077d6e336c3fa348152fdaa97cdfd9affecfb35f90bd677827da76bdafae7b894cbd9
SSDEEP: 96:FLLi0eaa5egCLVXMftM94OSffrnI+Zad9x0azqFfHVi/2B3ubUbk:liaaPCLhMOhSffMN50azqxViQbk
Static task: static1
Behavioral task: behavioral1
Sample: 3240b0d0e5fceec67fa4508b25ada5f3.vbs
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3240b0d0e5fceec67fa4508b25ada5f3.vbs
Resource: win10v2004-20240802-en
Malware Config
Extracted: metasploit, encoder/shikata_ga_nai
Extracted: metasploit, windows/reverse_http
http://193.117.208.148:7800/4VmKLnHpscqOBI8F6mrF9wybZYqjzvUoqORSVgL0h_JqeMDsTzpC_h4yEdCkNgpfrBklJtP1IiIqvZB5lfGRg7-RjV98NCmM8QQbZ7HJBHOTW2V-gRbSdD8U-g5SgAgLhxvqMgfweBvfaI22tIqzrP0Wodk0_cXT0F-V_jaNwEk
Targets
Target: 3240b0d0e5fceec67fa4508b25ada5f3.vbs
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE