General

  • Target

    503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1

  • Size

    80KB

  • Sample

    241111-zrfwtswfnc

  • MD5

    9cce75cab3d6b3bc64e84489a4221f6c

  • SHA1

    fd28464754f84864d774676758876006c35bc0ab

  • SHA256

    503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1

  • SHA512

    2a5ca429dddb31e760cea8344972bd3cbcb618956bf81ac8871f933951442543cc5882588c8844969f4f435f8ea2b5f6e4959ce625f8045f274e16a4037f56d3

  • SSDEEP

    1536:ROOKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgFQHuS4VcTO9/r7UYdEJeF+:RBKpb8rGYrMPe3q7Q0XV5xtezEsi8/dj

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    URLs

  xlm40.dropper    http://beeslandkerman.ir/XPFvBDrNkT/lUkOx4VAOizId7u/
  xlm40.dropper    http://cerdi.com/_derived/J4Fu7VmGZQ7rGA/
  xlm40.dropper    https://www.chasingmavericks.co.ke/agendaafrikadebates.co.ke/QznOFMKV9R/
  xlm40.dropper    http://bsbmakina.com.tr/logo/eVWaAWm/
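The extracted configuration is the actionable part of this report: four download URLs recovered from the Excel 4.0 (XLM) macro by the xlm40.dropper extractor. The Python below is an added example, not part of the Triage report or its extractor, that turns that listing into defanged indicators and a host block list. The config text is copied from the section above; the one-URL-per-line parsing layout is an assumption of this example.

```python
import re
from urllib.parse import urlsplit

# Copied from the report's "Malware Config" section: each extractor name
# (xlm40.dropper) is followed by one URL it recovered from the macro.
EXTRACTED_CONFIG = """\
xlm40.dropper
http://beeslandkerman.ir/XPFvBDrNkT/lUkOx4VAOizId7u/
xlm40.dropper
http://cerdi.com/_derived/J4Fu7VmGZQ7rGA/
xlm40.dropper
https://www.chasingmavericks.co.ke/agendaafrikadebates.co.ke/QznOFMKV9R/
xlm40.dropper
http://bsbmakina.com.tr/logo/eVWaAWm/
"""

# One absolute http(s) URL per line, as in the report layout (assumed format).
URL_RE = re.compile(r"^\s*(https?://\S+)\s*$", re.MULTILINE)


def parse_extracted_urls(config_text):
    """Return the unique URLs in the extracted config, preserving report order."""
    urls = []
    for match in URL_RE.finditer(config_text):
        url = match.group(1)
        if url not in urls:
            urls.append(url)
    return urls


def defang(url):
    """Rewrite a URL so it cannot be clicked or auto-linked: hxxp://host[.]tld/path.

    Only the scheme and the host part are altered; the path is kept verbatim
    because it is what you will search for in proxy logs.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.replace("http", "hxxp")
    netloc = parts.netloc.replace(".", "[.]")
    defanged = f"{scheme}://{netloc}{parts.path}"
    if parts.query:
        defanged += "?" + parts.query
    return defanged


def iocs(config_text):
    """Build the indicator set a responder needs from the extracted config."""
    urls = parse_extracted_urls(config_text)
    return {
        "urls": urls,
        "defanged": [defang(u) for u in urls],
        # Hosts for DNS/proxy blocking (all four are domains, not raw IPs).
        "hosts": sorted({urlsplit(u).hostname for u in urls}),
        # Every path in this listing ends in "/": it names a directory, so
        # proxy-log searches should match on the prefix, not on a filename.
        "directory_only": all(urlsplit(u).path.endswith("/") for u in urls),
    }


if __name__ == "__main__":
    result = iocs(EXTRACTED_CONFIG)
    for line in result["defanged"]:
        print(line)
    print("block hosts:", ", ".join(result["hosts"]))
```

Feed the defanged list into a ticket or report and the host list into DNS/proxy blocking; keep the raw URLs only for log searches.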

Targets

    • Target

      503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1

    • Size

      80KB

    • MD5

      9cce75cab3d6b3bc64e84489a4221f6c

    • SHA1

      fd28464754f84864d774676758876006c35bc0ab

    • SHA256

      503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1

    • SHA512

      2a5ca429dddb31e760cea8344972bd3cbcb618956bf81ac8871f933951442543cc5882588c8844969f4f435f8ea2b5f6e4959ce625f8045f274e16a4037f56d3

    • SSDEEP

      1536:ROOKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgFQHuS4VcTO9/r7UYdEJeF+:RBKpb8rGYrMPe3q7Q0XV5xtezEsi8/dj

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
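The "Process spawned unexpected child process" signature is a parent/child process-tree check. As an added example (not Triage's own rule logic), the Python below applies the same idea to process-creation telemetry in JSON-lines form: an Office parent spawning anything outside a small expected set is flagged, and well-known script and loader binaries are raised to high severity. The field names, the expected-child baseline and the LOLBin list are assumptions to tune against a real estate, and the events are constructed for the example rather than taken from this sample's sandbox run.

```python
import json
import ntpath

# Office hosts whose children we scrutinise (lower-cased image basenames).
OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe"}

# Children Office spawns in ordinary use. Assumed baseline for the example;
# tune against your own telemetry before deploying.
EXPECTED_CHILDREN = {"splwow64.exe", "dw20.exe", "werfault.exe"}

# Script/loader binaries that a document should never start (assumed list).
LOLBINS = {
    "regsvr32.exe", "rundll32.exe", "mshta.exe", "powershell.exe",
    "cmd.exe", "wscript.exe", "cscript.exe", "certutil.exe",
}

# Constructed process-creation events in JSON-lines form (not from this
# sample's sandbox run). Field names are an assumption of this example.
SAMPLE_EVENTS = r"""
{"ts":"2024-11-11T10:02:13Z","host":"WS-17","parent":"C:\\Windows\\explorer.exe","image":"C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE","cmdline":"\"EXCEL.EXE\" C:\\Users\\u\\Downloads\\invoice.xls"}
{"ts":"2024-11-11T10:02:20Z","host":"WS-17","parent":"C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE","image":"C:\\Windows\\splwow64.exe","cmdline":"C:\\Windows\\splwow64.exe 12288"}
{"ts":"2024-11-11T10:02:31Z","host":"WS-17","parent":"C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE","image":"C:\\Windows\\System32\\regsvr32.exe","cmdline":"regsvr32 /s C:\\Users\\u\\AppData\\Local\\Temp\\a.dll"}
{"ts":"2024-11-11T10:02:32Z","host":"WS-17","parent":"C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE","image":"C:\\Windows\\System32\\cmd.exe","cmdline":"cmd /c dir"}
{"ts":"2024-11-11T10:05:02Z","host":"WS-02","parent":"C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE","image":"C:\\Windows\\System32\\WerFault.exe","cmdline":"WerFault.exe -u -p 4120 -s 1024"}
"""


def image_name(path):
    """Lower-cased basename of a Windows image path (ntpath handles backslashes on any OS)."""
    return ntpath.basename(path).lower()


def classify(event):
    """Return an alert dict for an Office parent with an unexpected child, else None."""
    parent = image_name(event["parent"])
    child = image_name(event["image"])
    if parent not in OFFICE_PARENTS or child in EXPECTED_CHILDREN:
        return None
    return {
        "ts": event["ts"],
        "host": event["host"],
        "parent": parent,
        "child": child,
        "cmdline": event["cmdline"],
        # A LOLBin child is the classic macro-dropper pattern; any other
        # unexpected child is still worth a look, at lower priority.
        "severity": "high" if child in LOLBINS else "medium",
    }


def detect_unexpected_children(jsonl):
    """Run the rule over JSON-lines process-creation telemetry and return alerts."""
    alerts = []
    for line in jsonl.splitlines():
        if not line.strip():
            continue
        alert = classify(json.loads(line))
        if alert is not None:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in detect_unexpected_children(SAMPLE_EVENTS):
        print(f"[{a['severity']}] {a['ts']} {a['host']}: "
              f"{a['parent']} -> {a['child']} :: {a['cmdline']}")
```

Against the constructed events, only the two Excel children outside the baseline (regsvr32.exe and cmd.exe) are reported; the explorer.exe launch of Excel, the print helper and the crash reporter are ignored. The allow-list is deliberately short: widen it only with children you have actually observed in clean telemetry, since every addition is a hole in the rule.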

MITRE ATT&CK Enterprise v15

Tasks