Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

URLScan

urlscan

http://noescape.exe

windows11-21h2-x64

8

Resubmissions

17/12/2024, 02:08

241217-ck2hmaxrgk 10

16/12/2024, 01:58

241216-cdtt7sxqhs 8

16/12/2024, 01:44

241216-b517xsxmes 3

16/12/2024, 01:41

241216-b4dp8syqej 3

16/12/2024, 01:28

241216-bvm8bawrfz 10

16/12/2024, 01:13

241216-blhw8swnas 5

15/12/2024, 20:09

241215-yxkarsxkdn 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    http://noescape.exe

  • Sample

    241216-cdtt7sxqhs

Score
8/10
defense_evasiondiscoverymotwphishing

Malware Config

Targets

    • Target

      http://noescape.exe

    Score
    8/10
    defense_evasiondiscoverymotwphishing

    • Downloads MZ/PE file

    • A potential corporate email address has been identified in the URL: [email protected]

      phishing

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

      phishingmotw
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks