Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

custom.bat

windows10-1703-x64

7

custom.bat

windows7-x64

7

custom.bat

windows10-2004-x64

8

custom.bat

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    custom.bat

  • Size

    4KB

  • Sample

    240908-hkm8wsthle

  • MD5

    1c63745d54962d205bb3ae879bea1ed4

  • SHA1

    a832c894a4e2b6d486c48b9ea6ec79d94df9537e

  • SHA256

    396ea933ebc00327d2ea983206ccd2a832999c28a7df070000fe9874890b5a0e

  • SHA512

    129d73d0fd5967b232c54d50bc94ed171dd2ee5da2222b18bd350b42808799575a3a726c7b0b46b65d2717d025b9ebeb424a834f42540daf8308be3171a4af39

  • SSDEEP

    96:NQN1Vh0eAwx86mwCVHVsOvx8vXSu7eQ/GdZj/BawH6im7BFVPhGHixL:NOueA8CVHiOvx8vC0emG7LBawH6/Yix

Score
8/10
discoveryexecutionexploitpersistence

Malware Config

Targets

    • Target

      custom.bat

    • Size

      4KB

    • MD5

      1c63745d54962d205bb3ae879bea1ed4

    • SHA1

      a832c894a4e2b6d486c48b9ea6ec79d94df9537e

    • SHA256

      396ea933ebc00327d2ea983206ccd2a832999c28a7df070000fe9874890b5a0e

    • SHA512

      129d73d0fd5967b232c54d50bc94ed171dd2ee5da2222b18bd350b42808799575a3a726c7b0b46b65d2717d025b9ebeb424a834f42540daf8308be3171a4af39

    • SSDEEP

      96:NQN1Vh0eAwx86mwCVHVsOvx8vXSu7eQ/GdZj/BawH6im7BFVPhGHixL:NOueA8CVHiOvx8vC0emG7LBawH6/Yix

    Score
    8/10
    discoveryexecutionpersistenceexploit

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Enumerates processes with tasklist

      discovery
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks