General

  • Target

    8f25e7975b8ceb08dfe6f34f743bf0de87ca82009835934acc8321050a5460b5

  • Size

    76KB

  • Sample

    241111-2b9v3syaqq

  • MD5

    7bc92014a9d0fe04e420db97055f76df

  • SHA1

    ad068c38a37d705f89cbf4a73b5b485f79574cc2

  • SHA256

    8f25e7975b8ceb08dfe6f34f743bf0de87ca82009835934acc8321050a5460b5

  • SHA512

    9eac1dc6e3b79c9c85d76a96fe5cb52f0ed3e421efcfc03afda9f64c1bace236f7153a0e6f0e488e2d35ca965566a9bdcba011b5167d1e928591f283e0db4c7b

  • SSDEEP

    1536:1I+Hymsbck3hbdlylKsgqopeJBWhZFGkE+cMLxAAISQ5gQ72IotO6nitSU6U+x:1I+HymsYk3hbdlylKsgqopeJBWhZFGkz

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs (hta.dropper)

    http://91.240.118.168/zzx/ccv/fe.html

Targets

    • Target

      8f25e7975b8ceb08dfe6f34f743bf0de87ca82009835934acc8321050a5460b5

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
