General
Target: fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158
Size: 96KB
Sample: 241111-12qz8axhje
MD5: 9b31c0f8c612bd43524c1759f9bbc4cb
SHA1: bf638f2868c0fe5dd7d2c0f66350dc3c06a6211f
SHA256: fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158
SHA512: ada31f89d2b9eb6e715c0512ad23e5bd515d3d86ab3abdc1c12d7f2ba28ffb89fef59d98f4ee7559090f0223ddcb95712f6faca709651410210c8f46ce5842d4
SSDEEP: 1536:WkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEHuS4hcTO97v7UYdEJm+7:JKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgI
Behavioral task: behavioral1
Sample: fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158.xls
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158.xls
Resource: win10v2004-20241007-en
Malware Config
Extracted
https://bpsjambi.id/about/CcN5IbuInPQ/
https://greenlizard.co.za/amanah/pu8xeUOpqqq/
https://akuntansi.itny.ac.id/asset/NH7qwRrn81Taa0VVqpx/
https://www.yell.ge/nav_logo/x960wo3PHaIUm/
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.