General

  • Target

    3791c2451184ca374d1bb80f47deb413387f4fbc0d0db561babe444c5cdbf489

  • Size

    63KB

  • Sample

    241111-1qywpa1jgr

  • MD5

    28bd9530b8ce827fc381b519c5f5c8db

  • SHA1

    3c70b9209af6b4ecaa971dc91cc690cd58345c65

  • SHA256

    3791c2451184ca374d1bb80f47deb413387f4fbc0d0db561babe444c5cdbf489

  • SHA512

    9e77c5a8d28066d56893c0fb5152437d41ced2f356cdc8fa10e0e15a049f7654c92143cac8a7d3a4c89b972c2785c84fefab8fbd2f50635fc7516dad204e0ea7

  • SSDEEP

    1536:d0Nk3hbdlylKsgqopeJBWhZFGkE+cL2NdAKzMk9B+ooszMk9A+oos:dak3hbdlylKsgqopeJBWhZFGkE+cL2NP

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs

    hta.dropper

    http://87.251.86.178/pp/oo.html

Targets

    • Target

      3791c2451184ca374d1bb80f47deb413387f4fbc0d0db561babe444c5cdbf489

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
