General

  • Target

    d8302dc906eb717050e6d820310ff439678c8319091a3911d555024ee102918d

  • Size

    95KB

  • Sample

    241111-znyx8svpbx

  • MD5

    18a978ad3150316717098ca96fba1d0d

  • SHA1

    922155018abb88e3dae5105fc76438a0cc6bd4b8

  • SHA256

    d8302dc906eb717050e6d820310ff439678c8319091a3911d555024ee102918d

  • SHA512

    c80a60b600920b90927d5d79f35edce4b0759ebd07a72bdaceadf58d4943efc4022eca64cf17655fce90a0c5966033a6723b2fae2000283d69f6b4a2eaa7f5ef

  • SSDEEP

    1536:iFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgYHuS4hcTO97v7UYdEJmFR2:cKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgU

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source          URLs
xlm40.dropper   https://educacionsanvicentefundacion.com/iplookup/wYEInbaN/
xlm40.dropper   https://www.4monkeys.com/wp-admin/dNAuBEKo/
xlm40.dropper   http://haircutbar.com/cgi-bin/dNfEA5F/
xlm40.dropper   http://gedebey-tvradio.info/wp-includes/T0J9THbd5f2/

Targets

    • Target

      d8302dc906eb717050e6d820310ff439678c8319091a3911d555024ee102918d

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
