Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

1408036046...5R.vbs

windows7-x64

7

1408036046...5R.vbs

windows10-2004-x64

7

~/-/~~/36e...84.dll

windows7-x64

1

~/-/~~/36e...84.dll

windows10-2004-x64

1

~/-/~~/36e...65.dll

windows7-x64

3

~/-/~~/36e...65.dll

windows10-2004-x64

3

~/-/~~/36e...31.dll

windows7-x64

3

~/-/~~/36e...31.dll

windows10-2004-x64

3

~/-/~~/36e...22.dll

windows7-x64

1

~/-/~~/36e...22.dll

windows10-2004-x64

1

~/-/~~/36e...33.dll

windows7-x64

1

~/-/~~/36e...33.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e7e0d2b2619a52cc94cefc60755d39d6bc83014b8c529e775e0841f877380bd.zip

  • Size

    2.5MB

  • Sample

    250325-ng89vavxfx

  • MD5

    97f54ea00cb3cfca8feb02e6cc39c970

  • SHA1

    ef387ca0ea3f1b24cec5bbd8a354bc86d21c7a31

  • SHA256

    1e7e0d2b2619a52cc94cefc60755d39d6bc83014b8c529e775e0841f877380bd

  • SHA512

    3963fd1d320821b4d00c115eaba025a865933f7f77246aa3d0ecab00ccdfce516ead8386ecf5fc795680a72a13825f3fdb1fd4f3fd9d70ace438c44d67d753d7

  • SSDEEP

    49152:KTrUoyQU1VkI0qv2vd8LoMJyTgE6XGOq/I8hhT0gBjhYhz3Va+43+L9R61Uj:6wQOuvqWdvMITgbXE6WlYF36g97

Score
7/10
discovery

Malware Config

Targets

    • Target

      1408036046_2025-03-24-69425519059_5415R.vbs

    • Size

      3.8MB

    • MD5

      3dcba98fd36ce6f61df7bd91b2668304

    • SHA1

      fd8e65ef8cf6e31577484bb68a1c3ac982bb9332

    • SHA256

      8a4c7895114c65d9174ae744aeff93024214d9bbc76cafd3e9f21ffbce8efdf4

    • SHA512

      c228b56cf36965d80d50da174be04b7de84e7c84e00a5d208658b307420e51be13475396912ea1d319a3fd40df8abede2efdf0d4aedf202b7ad75565a6bc6a1c

    • SSDEEP

      49152:Q1QY2iFJjh0Aw01drLTN79ei3nWWWyHIqTPjRqge6J3SVOASE93:B

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

    • Target

      ~/-/~~/36eLyCyV9/S4Abg7z/2RC4VyN9HU/f825H8nt2h/09636937151884.xml

    • Size

      17KB

    • MD5

      9c279d33e474ed09109102d96af70a85

    • SHA1

      64ff920571b14f582d42910f2bb1cbfe510d9315

    • SHA256

      acdf4b80422fd942a9384435ea8cab4b1f179fc45aa188d47bad0f01d8b9ec36

    • SHA512

      de0221458a98a0c9ce7d63f126ce4aa4b0f1fb82881c14f5c7c8d64266b01e9d11e8c6730ad0b779f99ee049196a738448ceeb8f17a3de52c7d4968111280833

    • SSDEEP

      384:yL65BY0mf1ZSf+VIYic5fLaIleSJIVE8E9VF0NyCHr9D:yL67Y0mfc/Yic5f2ESD

    Score
    1/10
    behavioral3behavioral4

    • Target

      ~/-/~~/36eLyCyV9/S4Abg7z/2RC4VyN9HU/f825H8nt2h/096745465.xml

    • Size

      13KB

    • MD5

      3db8784dfca11580984cf02855fb7841

    • SHA1

      55060b31427329fe742e51bbda6016feb068e489

    • SHA256

      028c2b444ec7abddb13448c13317d1e26d7a644c65e2371d9115e1b9eff96daa

    • SHA512

      81e592ada2da41e0191d599a526dfaba16a8ff3a8fdcbad21782fac953b0389a8e611337c36286f40bb745698330ab5be7b177ea1f047ad388a216c644dade74

    • SSDEEP

      192:8tvlddaSH5orWy3XLPVlD6zb1EmAnyowJL/Zrwmg+vMXNkr9ZCspE+TMUrnoG:8dP4We7PVlOFMYJL+mcXfeMsoG

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      ~/-/~~/36eLyCyV9/S4Abg7z/2RC4VyN9HU/f825H8nt2h/121695431.xml

    • Size

      18KB

    • MD5

      bcf08c6399403647f4964c5dd58cf413

    • SHA1

      a6a084c63f9a16a8e27b771da92669301ca1615a

    • SHA256

      bf2ad6182c2733d2cec0ae3d2029b01d3e966affffcde3738555e81aa939b91e

    • SHA512

      39b90f37ce2f63822bffe1249ce3c79ba16db47d2348c102ea87aa2ad315200f0e56f356da1a49e3248b2aa95270afce4856c1946ef3efd7f61807a037959187

    • SSDEEP

      384:FBCDJgN6Fx6uoCNyb8E9VF6IYinAM+oaupoou2TqYx:FBC1gkx6uoCEpYinAMxJ1tx

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      ~/-/~~/36eLyCyV9/S4Abg7z/2RC4VyN9HU/f825H8nt2h/1845531353016275103132630488502822.xml

    • Size

      26KB

    • MD5

      a9e0acdfeb311bfbc4553cabe85c2a99

    • SHA1

      386fe13de0a48607ce1749899c83346b9f5ec5bd

    • SHA256

      7c46603ad0df769249adbc5c4d52b0506faa028292aefcb2923cca713dfd7258

    • SHA512

      24aa5d31c8174a1be9ac9af73b171fcb22f0b72f7cce075e065b5594ba4462de05f0622c002d5292c1f7d7f151372379f9495f33fecc159e12847ee227d6fac6

    • SSDEEP

      384:p7JTQ85kJnHzfs6h3L9AaI6waxnjgbSHSIYi5Km0ZU9NfNGFu:5eHzfsS3xI6lxj/Yicm0ZANwFu

    Score
    1/10
    behavioral10behavioral9

    • Target

      ~/-/~~/36eLyCyV9/S4Abg7z/2RC4VyN9HU/f825H8nt2h/303221978004590033053779333.xml

    • Size

      15KB

    • MD5

      52e73db3d2007016235d5edb33db2065

    • SHA1

      43f892a84e873bac332b0d665f5f2cdb32a3565b

    • SHA256

      4f065b18589ad28795b0ca5395479839434883469bca353f44147eb5bc018350

    • SHA512

      b904272a17c1d1e100237f6e7bb6c0e3b036143222aac0b937506ff4f6e915a3a99a49e571045f74fd15bf76e680d907c9fe4fbb41d732a66773453bc66cb88b

    • SSDEEP

      192:ZUQl2bzfzEq+1QmZGUIYiYF80CKRZKx7y9PO4NKzYJzkMDxHtFhFwAf9J:2PIjLIYi5Km09P9NfNX

    Score
    1/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks