General

  • Target

    1cc90161fdb19aefccfc572c01f3ee8e

  • Size

    36KB

  • Sample

    231230-z6t21aahcm

  • MD5

    1cc90161fdb19aefccfc572c01f3ee8e

  • SHA1

    9f5998bcbc8138699ade1c513c7315e5d194a304

  • SHA256

    8b012b069f7616e96b74b494d5ac266ce9426a91920f5806fa9d4293cd8eb623

  • SHA512

    66a33620a21122429e2d45d157b4bcd19ad58095978ce5f5a192c4ec153f88cb1aac25d57719cf034080af5dce016b7bd4c31db4dcfd4e41b37e3f7719055bed

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJivSsy9lQaXr5NXmuyKS:Iok3hbdlylKsgqopeJBWhZFGkE+cL2NR

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://markens.online/wp-data.php

xlm40.dropper

https://statedauto.com/wp-data.php

Targets

    • Target

      1cc90161fdb19aefccfc572c01f3ee8e

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
