General

  • Target

    0316b8828f24e702daf5b382672b55e1.xls

  • Size

    36KB

  • Sample

    240101-ylzajsbde4

  • MD5

    0316b8828f24e702daf5b382672b55e1

  • SHA1

    141cb1baf5702ac3d870d94bc0e121f80ebab5ce

  • SHA256

    ec90a0a6d81b5175a9e580227765d22ce9a933ecf75808abd4da0ff8502cf80a

  • SHA512

    77212026d29820b318294cde60bec2b514483a259831994078b17186997ec6396f6bdd9a8206369f18963fec414edc5415e22752c54edc5b4640c63dfadc28d5

  • SSDEEP

    768:TPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJiYc2YQ/42xMXJEf30K:Lok3hbdlylKsgqopeJBWhZFGkE+cL2N6

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://skill.fashion/wp-data.php

    xlm40.dropper: https://syracuse.best/wp-data.php

Targets

    • Target

      0316b8828f24e702daf5b382672b55e1.xls

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
