General

  • Target

    96bebb29dd30346283da2428257659b4f312969cb1181614f61607fdf3abddf0

  • Size

    36KB

  • Sample

    230129-x2t54aaf88

  • MD5

    523c2351f5131f61a906222047b727fd

  • SHA1

    0d03fed527306e8dff456bf976e0ae5501e94a0e

  • SHA256

    96bebb29dd30346283da2428257659b4f312969cb1181614f61607fdf3abddf0

  • SHA512

    52c23e6e5b945082efc45a7c8277705cc185b753bce9f040f290e99219a0b71aac6c8bf94b6ceac89388bb1a9ec6aa9013e16fe6a9db8a5dd66bf95c1dd4dd41

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJnNYpPh+knzRxSZb:Iok3hbdlylKsgqopeJBWhZFGkE+cL2NG

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
