General

  • Target

    70545c6c893567d9de72187f9cbb346500d333f34afc6a262ec00cf5f5150ce0

  • Size

    101KB

  • Sample

    241111-1qywpawpaz

  • MD5

    3fa7d299a3a18ea8340019e22fb6b9b0

  • SHA1

    62fd862fa4422b685cf34a6c812571221d416581

  • SHA256

    70545c6c893567d9de72187f9cbb346500d333f34afc6a262ec00cf5f5150ce0

  • SHA512

    f543a5f0a93c92397e33db0ed45daf637898dc7e45b281a5f9b46d4abe855090a1a1012d27dfcbd77f48ae5cc4167dd6f72d36f9649bcc8c9b1dd3535621c8ea

  • SSDEEP

    3072:WKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+MbOBzbq0f6RlD9fxW8s8OF:WKpb8rGYrMPe3q7Q0XV5xtuE8vG8UM+p

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs

Targets

    • Target

      70545c6c893567d9de72187f9cbb346500d333f34afc6a262ec00cf5f5150ce0

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
