General

  • Target

    SecuriteInfo.com.XLM.Trojan.Abracadabra.35.Gen.22399.31359.xlsx

  • Size

    280KB

  • Sample

    220922-bex3kshda6

  • MD5

    deeac3fe7fbebb90483ee76db1e2bf17

  • SHA1

    b77bb5abf1aa44778fa7038f3af467d968cc61ae

  • SHA256

    b377cb39d6c6b90ae6a7942c9c80992e636c5607b28b9e704fc77a5d68acc17c

  • SHA512

    f0919d08e1b429084037edde43377220096d267f98f125e673259148e7dba9d7cc9808b03e403002ddb4cdc1146864e9de45c06f26c23424ebee3a877ffa5f3f

  • SSDEEP

    6144:6cPiTQAVW/89BQnmlcGvgZ7rDjo8UOMzJK+tfq5I:5pO

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    https://deluciaspizza.com/netmouser.dll

Targets

    • Target

      SecuriteInfo.com.XLM.Trojan.Abracadabra.35.Gen.22399.31359.xlsx

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
