General

  • Target

    dd4e331607c2c9e4a192b6b675fd08dfcd31bb69acad0a6f0270800d88e16c03

  • Size

    35KB

  • Sample

    230129-x2n9vacb2x

  • MD5

    c1d5e49987507ddde82c1e6b0a30131e

  • SHA1

    6f6e72d53d666afd639ca9b3ff7c632b81f52ff3

  • SHA256

    dd4e331607c2c9e4a192b6b675fd08dfcd31bb69acad0a6f0270800d88e16c03

  • SHA512

    ebb41cc3a0c9e73dcca220ee57f0aa2870a03981051eefc815816942574dd36a225e11c8a44e7b6516712c17f48e21aa0971d1deb0f4b8e83097a29f637da658

  • SSDEEP

    768:XPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ3NfGma+kcmfBi:fok3hbdlylKsgqopeJBWhZFGkE+cL2Ns

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source: xlm40.dropper
URL: https://skill.fashion/wp-data.php

Source: xlm40.dropper
URL: https://syracuse.best/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
