General

  • Target

    f970630a41a2e8fe61fa3f2cf69dff87ac3fb272d006d6af866ca17264b14ff3

  • Size

    1.1MB

  • Sample

    240410-sehfkacb93

  • MD5

    ca09b19b6975e090fb4eda6ced1847b1

  • SHA1

    a7a2f5f7a70dab85f6ee173b9cde4507ed723ac5

  • SHA256

    f970630a41a2e8fe61fa3f2cf69dff87ac3fb272d006d6af866ca17264b14ff3

  • SHA512

    c536808f3c015a4473b50817cc3181763348428652903aad26697865ba83de4ac97f4bd7977bc986133e44582913065c68b9c882e6e7ff2d8a59e45c8d0e57cb

  • SSDEEP

    12288:fDmofgI7jf+hXEX62Jp7GqRCXCXCXB3ClforCz2XCKk2XC/kZnR99Wduz:fKCgI72qkZnR99O

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper

    https://www.4sync.com/web/directDownload/QHZsERS6/rHb0lMWD.f2e6a9154ab6cd29b337d6b555367580

Targets

    • Target

      f970630a41a2e8fe61fa3f2cf69dff87ac3fb272d006d6af866ca17264b14ff3

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
