General

  • Target

    cb02d4cfe7793036acd01ce1b83ed14ca37aac5edb62690d991110e4312aca12

  • Size

    35KB

  • Sample

    230129-x2r1qsaf87

  • MD5

    0c45431d232374bebf71cdec67ffd6a9

  • SHA1

    da814ad4190f59b7c93c7a02fc34831db09192e0

  • SHA256

    cb02d4cfe7793036acd01ce1b83ed14ca37aac5edb62690d991110e4312aca12

  • SHA512

    8265c2e2a86c30deb2319a9fdf42875d73e88e771381f79c2829338b86817e18583ced5401a39158f5d2065f5c157b819c514be7c45fee502dd81ad59eef0a5e

  • SSDEEP

    768:TPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJeK8zsW9C0G9ebd1KO+8YUR8:Lok3hbdlylKsgqopeJBWhZFGkE+cL2Nw

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    https://syracuse.best/wp-data.php

  • Source

    xlm40.dropper

  • URLs

    https://skill.fashion/wp-data.php

Targets

    • Target

      cb02d4cfe7793036acd01ce1b83ed14ca37aac5edb62690d991110e4312aca12

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
