General

  • Target

    b87fb667aa731cdb921994abeac31f7f69df167d3380d28c95b745cd2cddafb7

  • Size

    114KB

  • Sample

    241111-zlcxzsyren

  • MD5

    b37d08f2ab3b96ba3f1b18da06d4e3b2

  • SHA1

    5af93c2b4bc14b1ae5c9f3a672ab26be2be15517

  • SHA256

    b87fb667aa731cdb921994abeac31f7f69df167d3380d28c95b745cd2cddafb7

  • SHA512

    73a6d9b8d88e1b1df9908d270d59bb7637359347b71e7fb254248cb55b84af04b4e4be627c42c86fee12d22f3e480d4912bb0a86cee843e6d6b9b990c2be6099

  • SSDEEP

    3072:yW+nBqmsk3hbdlylKsgqopeJBWhZFGkE+cMLxAAIXxe53lGvFTQ3IzxgdrvxpU0S:t+nBqmsk3hbdlylKsgqopeJBWhZFVE+S

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://185.7.214.7/fer/fe5.html

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
