General
Target: SOLICITUD DE PRESUPUESTO 09-16-2024·pdf.vbs
Size: 41KB
Sample: 240916-rmvv7asarh
MD5: 7e4ddcf544043887aa681f00f4d88411
SHA1: cbfea2438100a9bae01a06ccc73b06d51ace1626
SHA256: 132bb6c4728aa2754b10523a06e1d6ad4b571b59a3821c2baef81210d136d30d
SHA512: e0156be04e9af473941eb289304a86f03cc77ae0d1d8bb90096ded7291dc6ebb149796f7f296f10e2c38a778a9c23ea322f541b2a27e6ae9dd2f7fbf9f726bab
SSDEEP: 384:Z9vOg3no0bPtRwN8Zb8BO7kLkpUJX4T2vz9xboQ8VfiQZykwNDG2R050v2r6Fuo3:Zp3nhaM+JzXgKQYYx9o7V
Static task: static1
Behavioral task: behavioral1
Sample: SOLICITUD DE PRESUPUESTO 09-16-2024·pdf.vbs
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: SOLICITUD DE PRESUPUESTO 09-16-2024·pdf.vbs
Resource: win10v2004-20240802-en
Malware Config
Targets
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-