General

  • Target

    2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529

  • Size

    95KB

  • Sample

    241111-11va9a1lfq

  • MD5

    a81f285bedee2d96eea5d8e5492b7c60

  • SHA1

    b80d09616723614f7c8f10620c83c8ad77ceee11

  • SHA256

    2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529

  • SHA512

    218ee163b8b7eca8c07e33979473c2cd82c363a21b710a85c7e620add6046ec653cda8869261638c0966e9c8234e513656fb3cfad7591551d3a699fa06c6bda4

  • SSDEEP

    1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgYHuS4hcTO97v7UYdEJmFV2:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgY

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    https://educacionsanvicentefundacion.com/iplookup/wYEInbaN/
    https://www.4monkeys.com/wp-admin/dNAuBEKo/
    http://haircutbar.com/cgi-bin/dNfEA5F/
    http://gedebey-tvradio.info/wp-includes/T0J9THbd5f2/

Targets

    • Target

      2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
