General

  • Target

    918c1976729384603704efd1726dbafbdeac131bc4479d6dbf02efa23e3aedb1

  • Size

    243KB

  • Sample

    241111-zm117svnhx

  • MD5

    928dda9f65f5f32651e85cf4dc3ef1e8

  • SHA1

    1b206836ed27b7c00528eb8b35e84795e5a15476

  • SHA256

    918c1976729384603704efd1726dbafbdeac131bc4479d6dbf02efa23e3aedb1

  • SHA512

    f6f6c014bccc2fe396ea53726d92e946ff97cc5495a9532d47e82f368630e731c0f6330ed311f1c8022a1f300c0fce4205b29c027482edef6ce7a2b8c2a036ea

  • SSDEEP

    6144:DKpbdrHYrMue8q7QPX+5xtFEdi8/dg/ThvsiKIjvl5fd1Xh8rsoX/w/04:ghEXs5fXR8rsNz

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://servidorcarlosydavid.es/wp-admin/jkNPgHxNjF/

xlm40.dropper

https://gmo-sol-p10.heteml.jp/includes/UoJMgYAc1EES/

xlm40.dropper

https://iashanghai.cn/z/Z1PG6ulBh20plss/

xlm40.dropper

https://www.pasionportufuturo.pe/wp-content/HkUfvw0xuCy5/

xlm40.dropper

http://dmdagents.com.au/vqwbgz/CL4Bo4C4VS0deg/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
