Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1261089362960191529/1270894420677627955/Activate_Windows.cmd?ex=66c48569&is=66c333e9&hm=1d136d2abc805db2c3901dbae3505042bc749c352e28e7a287325bb42af89b92&

  • Sample

    240819-3cj7gsvgmq

Score
8/10
defense_evasiondiscoveryexecution

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1261089362960191529/1270894420677627955/Activate_Windows.cmd?ex=66c48569&is=66c333e9&hm=1d136d2abc805db2c3901dbae3505042bc749c352e28e7a287325bb42af89b92&

    Score
    8/10
    defense_evasiondiscoveryexecution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Legitimate hosting services abused for malware hosting/C2

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.

      defense_evasion
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks