General

  • Target

    4e31fe618cc927e37f9e3368565110a0N.zip

  • Size

    1.1MB

  • Sample

    240713-fsntaaxamm

  • MD5

    4e31fe618cc927e37f9e3368565110a0

  • SHA1

    1ba9c3c9d446b15142c46f7c22f705107db1b2ee

  • SHA256

    97c7fd3de4f86e70b303047927239983d5f72661400c43b33cda177e5158f58a

  • SHA512

    f26fe758ff84d70a94d4134c61bcb8ed45dfb00d0d473a402f26910e5653b6592778433644409cea6efcae5dab070595f8429071070b1815952b48f13a56c15c

  • SSDEEP

    24576:IU7+11AfWzSUyKZ4JWvuoXZbxt31olwJNCzgB3zcUoP9J:Jc0Qys4YGQJwvzGzZoP9J

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://5.254.118.241/352042.dat
    http://139.99.133.171/352042.dat
    http://185.244.149.152/352042.dat

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://5.254.118.241/2359222.dat
    http://139.99.133.171/2359222.dat
    http://185.244.149.152/2359222.dat

Targets

    • Target

      ComplianceReport-1235323747-Apr-20.xlsb

    • Size

      1.2MB

    • MD5

      51016d03eae776f91efa813adfa7d9fe

    • SHA1

      eaca11c28c4ce7751b8f0f3e6daa027ead329fe3

    • SHA256

      7db01ebd9e8d5bb25b52eb950fe2c43da26552fbb37377519acf787942824701

    • SHA512

      b6f3be602bc2534afaf0a311ab7ff0d132716bbbe8d64e729700fae7a9e82df361dd8db732f2f0fcaef4c730c1a1e7f26bfb21b43f2a8f9b40693a0984a3230c

    • SSDEEP

      24576:0iWxUUOy+cKrpxlDPTMFf9P0kmppxlDPTMFfypxlDPTMFf3h:dEcyUjDLMd+bjDLMdEjDLMd3h

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
