General

  • Target

    1cc20e82a981da6e670a36e8f391c347

  • Size

    36KB

  • Sample

    231230-z55r4sagaj

  • MD5

    1cc20e82a981da6e670a36e8f391c347

  • SHA1

    9b371a49608137c0e8eecf70e862ea393540ee20

  • SHA256

    30856e3e0f9583f9edce30c5470bf9f17e302f2cc747e728b017c19895aedaba

  • SHA512

    7cef9787322f809e385868809cecda36896ba895cda4aa71285bd9496369b9273c5d3192336d950f9da181b769afbff2e2cc0dc15c2c0afc7f7bb26e0abee5cf

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJEPjZ5vYu2Q1nfR:Iok3hbdlylKsgqopeJBWhZFGkE+cL2Nb

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://statedauto.com/wp-data.php

    xlm40.dropper: https://markens.online/wp-data.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
