General

  • Target

    51fb97a11f49dac8e65a605de17d55bd9527d11a5fff01d017fcba9486437cc8

  • Size

    77KB

  • Sample

    241111-2c2wvsyble

  • MD5

    394857d07ea90cdbc58703314c79045c

  • SHA1

    dd837d6bed6b190b03f16f587257cff961b58334

  • SHA256

    51fb97a11f49dac8e65a605de17d55bd9527d11a5fff01d017fcba9486437cc8

  • SHA512

    00aeccc63c761ee0fbd04fe05ccd212cc414567dd392b9539ae8509299ad2182c5d0b52927f62b099d78fa0319d0b113df221ba9284e077ece1af2ba797c567f

  • SSDEEP

    1536:ASKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgew+hD8nTLqQrRrZws8Eau:LKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg5

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://natdemo.natrixsoftware.com/wp-admin/QyqiN/

xlm40.dropper

http://luisangeja.com/COPYRIGHT/BJljffG6/

xlm40.dropper

http://nerz.net/stats/KVIyooM/

Targets

    • Target

      51fb97a11f49dac8e65a605de17d55bd9527d11a5fff01d017fcba9486437cc8

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
