General

  • Target

    Xotic_Activator.exe

  • Size

    7.8MB

  • Sample

    240203-rc1npabbd7

  • MD5

    b7187165f15eb840b317ec8c0a2af280

  • SHA1

    cc581b387f05b7e0a3310c44ada888c5397c3c03

  • SHA256

    6d6c69215c29027dd81f4015cf5787059ac40f3c19235560312629e2a77dc4b2

  • SHA512

    d5261c17438bdbfcdec39f48d83ba423f9412cdc360491f2a16d0ba348df4883903012b7a7362f7c40f52ccf0b99210c8cfbeb41e6d6f160d33f2dd9c1a0096c

  • SSDEEP

    196608:xHHRrH1W903eV4QtMToEuGxgh858F0ibfU0SEYgABt+kfLgiUR:/hW+eGQtMTozGxu8C0ibfOkWkp

Score
8/10

Targets

    • Target

      Xotic_Activator.exe

    • Size

      7.8MB

    • MD5

      b7187165f15eb840b317ec8c0a2af280

    • SHA1

      cc581b387f05b7e0a3310c44ada888c5397c3c03

    • SHA256

      6d6c69215c29027dd81f4015cf5787059ac40f3c19235560312629e2a77dc4b2

    • SHA512

      d5261c17438bdbfcdec39f48d83ba423f9412cdc360491f2a16d0ba348df4883903012b7a7362f7c40f52ccf0b99210c8cfbeb41e6d6f160d33f2dd9c1a0096c

    • SSDEEP

      196608:xHHRrH1W903eV4QtMToEuGxgh858F0ibfU0SEYgABt+kfLgiUR:/hW+eGQtMTozGxu8C0ibfOkWkp

    Score
    8/10
    • Blocklisted process makes network request

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      main.pyc

    • Size

      4KB

    • MD5

      78044e0945749775910ce61a3a0c8f74

    • SHA1

      72ed0e3180c2f62b1e70c08dda96dc083f2a0074

    • SHA256

      391cda8393509999ba2bc99c764de7ddb6b5b03a70a29af87bf50a1d5e09a17e

    • SHA512

      a77820098223d5ff35f93da1876556b1dcda5f14837a155b9db73140dfb2e792e7137decfa342e9321ff96e06330ac48d392b35512b0e7f8145db6da664a06ab

    • SSDEEP

      96:QEHXKag/on8jIIVTfHAlVPflDji+kgZjPlsx9SHfUh:d6agwIVTfJgZy3Nh

    Score
    3/10
