General

  • Target

    4232c2803ebb56d35bd5d5cf915d95a7a92cd411a06295fc3f0ecc5833e2fa3a

  • Size

    95KB

  • Sample

    241111-13k6cswrev

  • MD5

    2952b83c3df2ef30434c2bd7ef931e6e

  • SHA1

    58b1c5a64dcfe5e78f01ba7bc3c786df1332fb81

  • SHA256

    4232c2803ebb56d35bd5d5cf915d95a7a92cd411a06295fc3f0ecc5833e2fa3a

  • SHA512

    09863152b9c9b57d55de7bfc3d5ec2a5a04c832ccc9b75ff2d32794785eb498ff96d5520d4cd16f26046cd665ec23766eb28febcbd3e8c350114edeb9b6e740d

  • SSDEEP

    1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg/HuS4hcTO97v7UYdEJmEj7u:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgm

Score
10/10

Malware Config

Extracted

Language: xlm4.0

  • Source: xlm40.dropper
    URL: https://yakosurf.com/wp-includes/y9jgKE7f1wMM/

  • Source: xlm40.dropper
    URL: https://fikti.bem.gunadarma.ac.id/SDM/xDYmcOngg/

  • Source: xlm40.dropper
    URL: http://armannahalpersian.ir/armannahalpersian/byxUd7hAO2/

  • Source: xlm40.dropper
    URL: http://disweb.sk/lfHCegwZndgMs/KFfG/

Targets

    • Target

      4232c2803ebb56d35bd5d5cf915d95a7a92cd411a06295fc3f0ecc5833e2fa3a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks