General

  • Target

    fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158

  • Size

    96KB

  • Sample

    241111-12qz8axhje

  • MD5

    9b31c0f8c612bd43524c1759f9bbc4cb

  • SHA1

    bf638f2868c0fe5dd7d2c0f66350dc3c06a6211f

  • SHA256

    fbc865b028d5203db594b9f9de1fab902d90b04343ef5efbcbb778f62db85158

  • SHA512

    ada31f89d2b9eb6e715c0512ad23e5bd515d3d86ab3abdc1c12d7f2ba28ffb89fef59d98f4ee7559090f0223ddcb95712f6faca709651410210c8f46ce5842d4

  • SSDEEP

    1536:WkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgEHuS4hcTO97v7UYdEJm+7:JKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgI

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • URLs

    xlm40.dropper: https://bpsjambi.id/about/CcN5IbuInPQ/

    xlm40.dropper: https://greenlizard.co.za/amanah/pu8xeUOpqqq/

    xlm40.dropper: https://akuntansi.itny.ac.id/asset/NH7qwRrn81Taa0VVqpx/

    xlm40.dropper: https://www.yell.ge/nav_logo/x960wo3PHaIUm/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
