General

  • Target

    6e63bb12604c825135d27249a9092c84b18e63162a8053c2dbdf8b94e66ebbfc

  • Size

    56KB

  • Sample

    241111-11rkcsxgmp

  • MD5

    d4956eaaec20dc2252f72d091c83ddba

  • SHA1

    85aacfebf1ba21ab750c326be209445e5877708f

  • SHA256

    6e63bb12604c825135d27249a9092c84b18e63162a8053c2dbdf8b94e66ebbfc

  • SHA512

    efd008b49f3c06340a9a958b308b85d025f15b679fce50eaa7fd6a321c2e41bafdde22024e312cbd9cbf1b6b4ac85d43c09b80504b2b646ebddcad86e4db7a3e

  • SSDEEP

    1536:VsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgx5G9XSZ4XsvG:aKpb8rGYrMPe3q7Q0XV5xtezEsi8/dga

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper

    http://dharian.org/_sharedtemplates/D3QgytUZsO7korYQrG/

    xlm40.dropper

    http://digitalripple.com/scripts/4ovLPfq/

Targets

    • Target

      6e63bb12604c825135d27249a9092c84b18e63162a8053c2dbdf8b94e66ebbfc

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
