Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8327399d458913b2f8b9b8d5b53d38390ba01842747eb701cc75486e57df1d30N
-
Size
70KB
-
MD5
01417d75f6d4f4e43ab50301bdfed600
-
SHA1
f71eb0c0c8e43f82338f2ea45b41a434836f77c4
-
SHA256
8327399d458913b2f8b9b8d5b53d38390ba01842747eb701cc75486e57df1d30
-
SHA512
3ae6831b2aa620f262f2d7c23194b66cb52eccbd955ee8f2b5ce7cfd3e53f85070000f98a301ec67f4f0426284bd5fdf0c135533fe3c041493781dac91cbe6ac
-
SSDEEP
1536:ujXe7voXuNLagsO7hdXvxY+CbTX9R6l4OAy8AjubP:E6wXuNLagsO1dpY+CbTtNOB8AQP
Score
10/10
Malware Config
Extracted
Family
xworm
C2
192.168.0.3:3389
184.190.169.22:3389
192.168.0.8:3389
192.168.0.7:3389
Attributes
-
Install_directory
%ProgramData%
-
install_file
Microsoft OneDrive.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8327399d458913b2f8b9b8d5b53d38390ba01842747eb701cc75486e57df1d30N
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections