General

  • Target

    bomboclat.doc

  • Size

    135KB

  • Sample

    240402-113bvsfb53

  • MD5

    3a5d3b928c3bf812af06c54d80c76889

  • SHA1

    f5cebd259d0979ce6b6790004ce2d43096dd17dc

  • SHA256

    e68513b2fca03da2503177ae48a4ab7ace94e6b0762e8a7c9a6557dfe8037776

  • SHA512

    6c9b9fe05d6b5a24b93468a7729cc28ecf545d0e77d09dbef7d2b40ad4e1b658b13e5c030dfbc1ffeeb8949e42353c85ebbc502e31253d7920ee1aa95273d711

  • SSDEEP

    3072:lxMMcKBUZv8+Y2yv0jnu8zpbTrn1O4z4V7EEo9rwu0y:7B08+Y2g0y8NTuV7Ebr

Score
10/10

Malware Config

Targets

    • Target

      bomboclat.doc

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Deletes itself
