General

  • Target

    ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b

  • Size

    95KB

  • Sample

    241111-zntnhswdrm

  • MD5

    5c53af6b8c9ccacac5042d940acf6f91

  • SHA1

    bf1941d2d784584b392694b0249683c30439837b

  • SHA256

    ac73468a30f0ff1a2e9c6d1ee4460e113a92bb9d1853e46adba3922c055a4d6b

  • SHA512

    ca4e1e86e09b3ca21303e9a1e55e7662c1ecacf80f40e55a186cf966fbe16631bc6dfb2cf6dddf3109fd471c3cc392b6513e012f770870eb852b1a271a294629

  • SSDEEP

    1536:UkKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg4HuS4hcTO97v7UYdEJmQ:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dge

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    URLs (xlm40.dropper)

    https://cointrade.world/receipts/0LjXVwpQrhw/
    http://www.garantihaliyikama.com/wp-admin/jp64lssPHEe2ii/
    http://haircutbar.com/cgi-bin/BC3WAQ8zJY4ALXA4/
    http://airhobi.com/system/WLvH1ygkOYQO/

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
