General

  • Target

    63b80a38278866460b33fb920d6f22c54ab5cc535013ba959914c86769fb93c7

  • Size

    46KB

  • Sample

    241111-zkjzxayrdl

  • MD5

    0679c889d5596d6ed500200ead00594c

  • SHA1

    e582ecb42da89cc7c138015224b240770713d3ea

  • SHA256

    63b80a38278866460b33fb920d6f22c54ab5cc535013ba959914c86769fb93c7

  • SHA512

    a33df12041d51c883ed04bd9a5efa61ad8bc50128fa3025f6bd2f5c2752a720874c6f65b680d7bbcc0a03b1c35f2fdfd51047361a7a331f93b368a384c36da1e

  • SSDEEP

    768:hDMPKpb8rGYrMPe3q7Q0XV5xtezE8vpI8UM+Vyis73q/44fq/uVB:hYKpb8rGYrMPe3q7Q0XV5xtezE8vG8UR

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://www.zardamarine.com/images/psQbAjrrEOXWPrS/

xlm40.dropper

http://kronostr.com/tr/68yHRhfuU7Qj/

xlm40.dropper

http://labfitouts.com/cgi-bin/Rea3Iu3wGvgAbTset0/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
