General
Target: b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1
Size: 94KB
Sample: 241111-zq62mawfmd
MD5: b58953ce514064e9bb2d44a9e25bcf80
SHA1: e27329ede963fd4e6b1f8dc7c0913f44474232f6
SHA256: b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1
SHA512: b762cf47ebe3a58d6a5494d54060c5744f131f451d6efeee99fbea3d44484ad280d88d5c71797877379b0486cca92dc183270de5caff25ba41d7dcd09beee1c2
SSDEEP: 1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWh:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgZ
Behavioral task: behavioral1
Sample: b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1.xls
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1.xls
Resource: win10v2004-20241007-en
Malware Config
Extracted
https://bosny.com/aspnet_client/NGTx1FUzq/
https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/
https://bulldogironworksllc.com/temp/BBh5HHpei/
Targets
Target: b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.