
General

  • Target

    b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1

  • Size

    94KB

  • Sample

    241111-zq62mawfmd

  • MD5

    b58953ce514064e9bb2d44a9e25bcf80

  • SHA1

    e27329ede963fd4e6b1f8dc7c0913f44474232f6

  • SHA256

    b4cb86aa6ca492de9f23e7b733683f13781505ff53928be75b06cf91f93879e1

  • SHA512

    b762cf47ebe3a58d6a5494d54060c5744f131f451d6efeee99fbea3d44484ad280d88d5c71797877379b0486cca92dc183270de5caff25ba41d7dcd09beee1c2

  • SSDEEP

    1536:JsKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgSUZx6FyxC3YGbl7BgWDFsqtNhWmDJdWh:6Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgZ

Score
10/10

Malware Config

Extracted

Language: xlm4.0
Source
URLs

  • xlm40.dropper: https://bosny.com/aspnet_client/NGTx1FUzq/

  • xlm40.dropper: https://www.berekethaber.com/hatax/c7crGdejW4380ORuxqR/

  • xlm40.dropper: https://bulldogironworksllc.com/temp/BBh5HHpei/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
