General

  • Target

    709df3d382b86fffeda0e0c534206ec1.bin

  • Size

    1KB

  • Sample

    240909-blsrfaxbph

  • MD5

    c41d9abfc4003197b40adbfc4d2c8aee

  • SHA1

    69dce8adee7083c738efdf5763c0418bdd169bcb

  • SHA256

    1189e3d032c348aeda93979742d3585090562bfc40e115c56e95ebe813bafc64

  • SHA512

    d38fdd6500f5e4545c5a2391b28ac94cd90c3c6bb9db8f2a11586eeeeaea440d2f87ad5b1ab9a8dab69efa17495999bdeaa22da6c49d23bb44ca18917ceb913c

Score
8/10

Malware Config

Targets

    • Target

      ca5a213e123d830ad88e6eb9da341326fa6ea6c5bb535069406f9454b5aecccc.js

    • Size

      5KB

    • MD5

      709df3d382b86fffeda0e0c534206ec1

    • SHA1

      570e38194e3d5e977af449ca2fe1ef9f05b9c7de

    • SHA256

      ca5a213e123d830ad88e6eb9da341326fa6ea6c5bb535069406f9454b5aecccc

    • SHA512

      8e6d6a7038ae9f3edcec8b2bdbb536f356fe565b11f6114fc06425a1e1efeaa84693e2750d3b4a843daccb799bfc37b8a6b0fd3d8296c43909174b5179ae2365

    • SSDEEP

      96:XHSZyZ020gtthyohPx1MMEqzHQH0TqfpkIiup77jIf:i/dyU4I370

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Legitimate hosting services abused for malware hosting/C2

    • Network Share Discovery

      Attempt to gather information on host network.
