
General

  • Target

    82a5c2c1860860f5cb9bae361e09f1103fd8740aba1bed084e15e8a487a4510a

  • Size

    4KB

  • Sample

    240919-l9m6zashqb

  • MD5

    eb1c96c99b349af94812790ef7a650b8

  • SHA1

    6fba6478308322c06d623a6a04956da038e9c2c9

  • SHA256

    82a5c2c1860860f5cb9bae361e09f1103fd8740aba1bed084e15e8a487a4510a

  • SHA512

    e116d093736426d97ad63833b19c07b09018f001906cdda351f834f611725e475475d2ddbcf95d1e496731f84f76400d5525faaa674b5a1267a6e9759fc1cc78

  • SSDEEP

    48:9i45RSIUIOehxDtFzf0V2AOgMAl8ZXz3MXSKEw2BZnP9R4aQaqrzk0Lg/:cj1ehltdf0V2Agn8X4BRz4Fob

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (Deobfuscated)

  • URLs

    ps1.dropper

    http://dbi.willjohnson.net/?need=5a5210f&vid=vb1&53969

    exe.dropper

    http://www.luigicafagna.it/wp-content/uploads/2017/10/SKMBT_C22017100712541.jpg

Targets

    • Target

      Invio_File_5_2e1c05a00c25827239e33c13d5dfad97.vbs

    • Size

      2.0MB

    • MD5

      9f27498cc3e4c9551b2a09b80a695e20

    • SHA1

      7be68189f366989b40ddcbdb65a73e71af752755

    • SHA256

      a35d561f3a00760bb2da5329c72ca4e7d6c30a5f81c8bb2af508f4d468c86855

    • SHA512

      68858adb77479ffb7f9bd69869e5be06d7c7c8424e3e657b51d01afac61dc3af640a3fbce75d98d4413ff310ae214b90d65a6ae61ad9f15f036a542f4003c941

    • SSDEEP

      192:MVp2kmF6uwAS6X9OHrNRL7Qf8i9hwuH7+o4kXpyHHxi:M72kmF7wAOL/Qf8xTcXcxi

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Start PowerShell.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.
