Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

run.bat

windows11-21h2-x64

3

run.bat

macos-10.15-amd64

1

Analysis

  • max time kernel
    345s
  • max time network
    1618s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    04/09/2024, 20:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    run.bat

  • Size

    18KB

  • MD5

    08c5720d894aa475fb253c05d32ec8ff

  • SHA1

    009070618df52a45b1a95c576b2900473a6bbd88

  • SHA256

    e70894b43b09e5698ce3a0eebb76f542ed80a919d568b8792ee4b57b0dd6eb2f

  • SHA512

    c926d064c70e8294a2930da9756dc83a9fd30a68f6766e11e3069f9c0f7a822470e4348c9b991e1055c6168dd0961422aeb370a9e09e1864c1cbc69ace0a0259

  • SSDEEP

    192:fwwwwwwwwwwwwwwwwwwwwwwwwww2QQQQQQQQQQQQQQQQQQQVQQQQQQQQQQQVQQQ5:D

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/run.bat\""
    1⤵
      PID:477
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/run.bat\""
      1⤵
        PID:477
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/run.bat
        1⤵
          PID:477
          • /bin/zsh
            /bin/zsh -c /Users/run/run.bat
            2⤵
              PID:480
            • /Users/run/run.bat
              /Users/run/run.bat
              2⤵
                PID:480
              • /bin/sh
                sh /Users/run/run.bat
                2⤵
                  PID:480
                • /bin/bash
                  sh /Users/run/run.bat
                  2⤵
                    PID:480
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.spindump
                  1⤵
                    PID:531
                  • /usr/sbin/spindump
                    /usr/sbin/spindump
                    1⤵
                      PID:531
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.diagnosticd
                      1⤵
                        PID:532
                      • /usr/libexec/diagnosticd
                        /usr/libexec/diagnosticd
                        1⤵
                          PID:532

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads