General

  • Target

    c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812

  • Size

    45KB

  • Sample

    241111-2bv2xsybjh

  • MD5

    90a6289b47a66456cd153d6e99a8b20e

  • SHA1

    00725545849567927ec2e5c46d22cf27a102d3a1

  • SHA256

    c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812

  • SHA512

    1d28cb5e811fb8b14db6d6e04a90ecbb1375bbdd8dbcc3180c4efb6d091aef024f4a4b68880fc9b7358b9ffb73240695817b7530af75bd81d0139126c79b19db

  • SSDEEP

    768:bkPKpb8rGYrMPe3q7Q0XV5xtezEs/68/dgAPVdtWgojJcFDqCRt6vuVUeJlJ:bsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dx

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://fpd.cl/cgi-bin/83E0xgTMc/

xlm40.dropper

https://el-energiaki.gr/wp-content/plugins/really-simple-ssl/testssl/serverport443/WUV5PJA/

xlm40.dropper

https://www.manchesterslt.co.uk/a-to-z-of-slt/Ntrci3Ry/

xlm40.dropper

http://contactworks.nl/layouts/fFxKZabh/

xlm40.dropper

http://baykusoglu.com.tr/wp-admin/Y3sRBcOfZ34wg2sO/

Targets

    • Target

      c3180714e9ac76fd0572a25c646c209c95017ea6bfa0135774ac8ea6151a7812

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
