Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

z.ps1

windows7-x64

1

z.ps1

windows10-2004-x64

10

Resubmissions

26/06/2023, 19:28

230626-x6wjqace2y 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    z.pdf

  • Size

    111KB

  • Sample

    230626-x6wjqace2y

  • MD5

    ca513123105fdfb80f25cddb88663135

  • SHA1

    9db5299c71a3ba37c82d15aaa156868fa3fdcd77

  • SHA256

    37d6b218e2b3b219d79d09f36472a6052990ae0b45d33119c468a7abb30d3f99

  • SHA512

    9de57eb1e9cd13f802126072ef81b416b51073e8010207ace28d1b2de574f52856afb357db92804575f2abab72f67c4b82db34b59e821576f674b3da5bd31f7b

  • SSDEEP

    1536:lP2N2em5QnDSbYb/QIxf81IjqDSLZD9lcposlTssq/LshZjz5Je3UjQu/vQE6WKY:oN2A/QInDwNz5Je3UE1Wh

Score
10/10
xwormrattrojan

Malware Config

Extracted

Family

xworm

C2

23.227.198.214:7777

Mutex

UWE9PZMqsQra3qHP

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    • Target

      z.pdf

    • Size

      111KB

    • MD5

      ca513123105fdfb80f25cddb88663135

    • SHA1

      9db5299c71a3ba37c82d15aaa156868fa3fdcd77

    • SHA256

      37d6b218e2b3b219d79d09f36472a6052990ae0b45d33119c468a7abb30d3f99

    • SHA512

      9de57eb1e9cd13f802126072ef81b416b51073e8010207ace28d1b2de574f52856afb357db92804575f2abab72f67c4b82db34b59e821576f674b3da5bd31f7b

    • SSDEEP

      1536:lP2N2em5QnDSbYb/QIxf81IjqDSLZD9lcposlTssq/LshZjz5Je3UjQu/vQE6WKY:oN2A/QInDwNz5Je3UE1Wh

    Score
    10/10
    xwormrattrojan

    • Xworm

      Xworm is a remote access trojan written in C#.

      trojanratxworm

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks