General

  • Target

    3ddee8f59a43404f6beaf10e749a977a

  • Size

    36KB

  • Sample

    240101-zsjzwadbe8

  • MD5

    3ddee8f59a43404f6beaf10e749a977a

  • SHA1

    d1b1be71afddbf801479a061b4ccd634f2a65ab1

  • SHA256

    5018013063afa7e292d4870bf0ee14a728e1aa89643b7928068e6bb3cdd885a1

  • SHA512

    5078c89100cc8c00d5502dad587476f19ff8e88f1aedffafde42206c53a1c78f076e2defc38ea850b9b8a006d4990168e58f0058011422bf93843eb63d838fd3

  • SSDEEP

    768:qPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJJvbcCgAEhfF0Ma:+ok3hbdlylKsgqopeJBWhZFGkE+cL2Nw

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://markens.online/wp-data.php

    xlm40.dropper: https://statedauto.com/wp-data.php

Targets

    • Target

      3ddee8f59a43404f6beaf10e749a977a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
