General
Target: bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64
Size: 243KB
Sample: 241111-16lajaxjbx
MD5: 22df3285eddc15c65881dc76018ae1ba
SHA1: f225e452e7ed46ea1598b8a8f07fbb1ab34ed2e9
SHA256: bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64
SHA512: bb289d550b5454edc36861a5062c468e2971a4e377adc73b6d0703721724897956cd744e7272ed6facb58818241abcf023d4ba7bcc214e17172f6d733028ccfe
SSDEEP: 6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/0I:ghEXs5fXR8rsNj
Behavioral task
behavioral1
Sample
bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64.xls
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
Targets
Target
bc5b84975fc26e02450161cfcf6ac12da113162e7de7cda4d42b31b22a194a64
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.