General

  • Target

    be3c712d55adeeaffd6f633b310c02b1f8fd794e41a5dbd2565eca5d5f563325

  • Size

    95KB

  • Sample

    241111-1w9v5s1khj

  • MD5

    8947679ac9b008552a78a63126d0fbd4

  • SHA1

    117eab17770d5a812d2bd32c7e709bee92fbe759

  • SHA256

    be3c712d55adeeaffd6f633b310c02b1f8fd794e41a5dbd2565eca5d5f563325

  • SHA512

    4362d7b730c4f92e42f828247244d7abb4874bb69a0f9096276296d7440db40151a3822f1ff7f8ee4f722cd2a2255c1db3a2ccb6d95847843ea7b727889238a0

  • SSDEEP

    1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgNHuS4hcTO97v7UYdEJmL:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dga

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://fikti.bem.gunadarma.ac.id/SDM/YH8OJ1Zz8miBX/

xlm40.dropper

http://ebuysa.co.za/yt-assets/yZ30/

xlm40.dropper

http://3dstudioa.com.br/files/1ubPAB/

xlm40.dropper

http://boardmart.co.za/images/DvMHPbTLn/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
