General

  • Target

    bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64

  • Size

    243KB

  • Sample

    241111-16lajaxjbx

  • MD5

    22df3285eddc15c65881dc76018ae1ba

  • SHA1

    f225e452e7ed46ea1598b8a8f07fbb1ab34ed2e9

  • SHA256

    bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64

  • SHA512

    bb289d550b5454edc36861a5062c468e2971a4e377adc73b6d0703721724897956cd744e7272ed6facb58818241abcf023d4ba7bcc214e17172f6d733028ccfe

  • SSDEEP

    6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/0I:ghEXs5fXR8rsNj

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs

Targets

    • Target

      bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
