General
Target: 2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529
Size: 95KB
Sample: 241111-11va9a1lfq
MD5: a81f285bedee2d96eea5d8e5492b7c60
SHA1: b80d09616723614f7c8f10620c83c8ad77ceee11
SHA256: 2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529
SHA512: 218ee163b8b7eca8c07e33979473c2cd82c363a21b710a85c7e620add6046ec653cda8869261638c0966e9c8234e513656fb3cfad7591551d3a699fa06c6bda4
SSDEEP: 1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgYHuS4hcTO97v7UYdEJmFV2:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgY
Behavioral task: behavioral1
Sample: 2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529.xls
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529.xls
Resource: win10v2004-20241007-en
Malware Config
Extracted
https://educacionsanvicentefundacion.com/iplookup/wYEInbaN/
https://www.4monkeys.com/wp-admin/dNAuBEKo/
http://haircutbar.com/cgi-bin/dNfEA5F/
http://gedebey-tvradio.info/wp-includes/T0J9THbd5f2/
Targets
Target: 2277985c3cc18362b1f97192ba6b2ed0720c9b7ed1356e8a3f1a3ab3494c0529
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.