Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b
-
Size
95KB
-
Sample
241111-zntnhswdrm
-
MD5
5c53af6b8c9ccacac5042d940acf6f91
-
SHA1
bf1941d2d784584b392694b0249683c30439837b
-
SHA256
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b
-
SHA512
ca4e1e86e09b3ca21303e9a1e55e7662c1ecacf80f40e55a186cf966fbe16631bc6dfb2cf6dddf3109fd471c3cc392b6513e012f770870eb852b1a271a294629
-
SSDEEP
1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg4HuS4hcTO97v7UYdEJmQ:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dge
Behavioral task
behavioral1
Sample
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b.xls
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://cointrade.world/receipts/0LjXVwpQrhw/
http://www.garantihaliyikama.com/wp-admin/jp64lssPHEe2ii/
http://haircutbar.com/cgi-bin/BC3WAQ8zJY4ALXA4/
http://airhobi.com/system/WLvH1ygkOYQO/
Targets
-
-
Target
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b
-
Size
95KB
-
MD5
5c53af6b8c9ccacac5042d940acf6f91
-
SHA1
bf1941d2d784584b392694b0249683c30439837b
-
SHA256
ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b
-
SHA512
ca4e1e86e09b3ca21303e9a1e55e7662c1ecacf80f40e55a186cf966fbe16631bc6dfb2cf6dddf3109fd471c3cc392b6513e012f770870eb852b1a271a294629
-
SSDEEP
1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg4HuS4hcTO97v7UYdEJmQ:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dge
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-