General

  • Target

    e774f88eec337e7bcc89f0551e7ca60d379ba41ab933ad7e11bb5d5a5b1fea41

  • Size

    37KB

  • Sample

    241111-zqmmzswfla

  • MD5

    febb8e9b4f698120f04df69a82bc0a3f

  • SHA1

    454aaff5225ad8ec0d5085fb11245106bcb48b2c

  • SHA256

    e774f88eec337e7bcc89f0551e7ca60d379ba41ab933ad7e11bb5d5a5b1fea41

  • SHA512

    eeff61761973337d26dc437b663c0e7d8c5e1f3206abc06346d4480f9a63eb092989dcee6c585772d8d4dd1b386afb0be661c93bfbbe7126e4e65fe4487f9dca

  • SSDEEP

    768:oP2/Mvd5dhTRdixmxE7l0VGpevZCw4QvmUxjfC30+kS4QyoX0Vyuvcc:oP2md5ZymxE7WRXYk4pEVyux

Score
10/10

Malware Config

Extracted

Language: xlm4.0

Source          URLs
xlm40.dropper   http://sp.mongoso.com/wp-content/pFP2GJ7/
xlm40.dropper   https://thetrendskill.com/wp-content/qDxBsanOsoImjuE5p8kCUI/
xlm40.dropper   http://houseofgiving.org/vu351/s5R18Bad10PT9XI6CSrcZ/%20

Targets

    • Target

      e774f88eec337e7bcc89f0551e7ca60d379ba41ab933ad7e11bb5d5a5b1fea41

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
