General

  • Target

    4fbbd4c9591ac023cd7da6c9e9dd10e173c1e8db7302c424b401b5516ea09588

  • Size

    44KB

  • Sample

    240913-gbt5eaxapl

  • MD5

    d597c69135c764796ccc916a9ed97d8f

  • SHA1

    25bdf2dffd2df9435578eecd4ec560be5ede5678

  • SHA256

    4fbbd4c9591ac023cd7da6c9e9dd10e173c1e8db7302c424b401b5516ea09588

  • SHA512

    51220484fe348f5f99157882799f38e48948dce7bd648cd9913483d3a3a72ca9202628e0fdbf3a4bb24c273c07a3a3b6c9f49972a8a184591d8c2dc280fb4c58

  • SSDEEP

    768:oPXk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJWL6uShYUQgcUcwWNvW1Tpl3ZeT:EXk3hbdlylKsgqopeJBWhZFGkE+cL2Nf

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://gogaurav.com/lkcvjw.php

xlm40.dropper

https://wfduino.com/pcwblt.php

xlm40.dropper

https://susansquires.com/2014-style2.php

xlm40.dropper

https://animalbliss.com/xmlpl.php

Targets

    • Target

      4fbbd4c9591ac023cd7da6c9e9dd10e173c1e8db7302c424b401b5516ea09588

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
