General

  • Target

    1182be09b5ccf432b9247e3aabb45d59

  • Size

    36KB

  • Sample

    231230-hnm3ashee6

  • MD5

    1182be09b5ccf432b9247e3aabb45d59

  • SHA1

    752a7ad0d325fdb12d4492219fa8aaa9aa5d0fe3

  • SHA256

    b66d4d4627ad582bda80dff28f64081fa9fe024bf6cd8f8330c0727f0aa89d30

  • SHA512

    6129d374cb3df9e2e50e5cc3149ca4fedee26c5e6ef65f003676a74aada5e5e2f24bce1d29cb04265d93dff14b1baa21920c3c6c0ddbd884c7f0eef6ed6f0d05

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJHr1Pefsb2tJrD:Iok3hbdlylKsgqopeJBWhZFGkE+cL2N3

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://markens.online/wp-data.php

    xlm40.dropper: https://statedauto.com/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
