General

  • Target

    68b56c3f725be6467cb6dbd35508595767186c9e2ad81e11b3bd5ffb0e48eb17

  • Size

    105KB

  • Sample

    241111-1y9m6awqfw

  • MD5

    9ee49c5e681f8cc1b3fa8a48f0ecb113

  • SHA1

    ee5a808b5f31f1ed6c1fae5c9df405a30029085f

  • SHA256

    68b56c3f725be6467cb6dbd35508595767186c9e2ad81e11b3bd5ffb0e48eb17

  • SHA512

    151c8e4bbfd0e824eca5c675a26b63b3956b016431d842018eb3eaf98dd2f626fbb6e9135786c2b01ac0249c6d7aee4279fb8a727f25b53b49580f6efc1fc0c2

  • SSDEEP

    3072:CGk3hbdlylKsgqopeJBWhZFGkE+cL2NdAydb4oifHMVhoSc2vUz3UWDG:Hk3hbdlylKsgqopeJBWhZFVE+W2NdAyu

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs

    hta.dropper

    http://91.240.118.168/qw/as/se.html

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks