Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812
-
Size
45KB
-
Sample
241111-2bv2xsybjh
-
MD5
90a6289b47a66456cd153d6e99a8b20e
-
SHA1
00725545849567927ec2e5c46d22cf27a102d3a1
-
SHA256
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812
-
SHA512
1d28cb5e811fb8b14db6d6e04a90ecbb1375bbdd8dbcc3180c4efb6d091aef024f4a4b68880fc9b7358b9ffb73240695817b7530af75bd81d0139126c79b19db
-
SSDEEP
768:bkPKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgAPVdtWgojJcFDqCRt6vuVUeJlJ:bsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dx
Behavioral task
behavioral1
Sample
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://fpd.cl/cgi-bin/83E0xgTMc/
https://el-energiaki.gr/wp-content/plugins/really-simple-ssl/testssl/serverport443/WUV5PJA/
https://www.manchesterslt.co.uk/a-to-z-of-slt/Ntrci3Ry/
http://contactworks.nl/layouts/fFxKZabh/
http://baykusoglu.com.tr/wp-admin/Y3sRBcOfZ34wg2sO/
Targets
-
-
Target
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812
-
Size
45KB
-
MD5
90a6289b47a66456cd153d6e99a8b20e
-
SHA1
00725545849567927ec2e5c46d22cf27a102d3a1
-
SHA256
c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812
-
SHA512
1d28cb5e811fb8b14db6d6e04a90ecbb1375bbdd8dbcc3180c4efb6d091aef024f4a4b68880fc9b7358b9ffb73240695817b7530af75bd81d0139126c79b19db
-
SSDEEP
768:bkPKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgAPVdtWgojJcFDqCRt6vuVUeJlJ:bsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dx
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-