General
Target: 503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1
Size: 80KB
Sample: 241111-zrfwtswfnc
MD5: 9cce75cab3d6b3bc64e84489a4221f6c
SHA1: fd28464754f84864d774676758876006c35bc0ab
SHA256: 503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1
SHA512: 2a5ca429dddb31e760cea8344972bd3cbcb618956bf81ac8871f933951442543cc5882588c8844969f4f435f8ea2b5f6e4959ce625f8045f274e16a4037f56d3
SSDEEP: 1536:ROOKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgFQHuS4VcTO9/r7UYdEJeF+:RBKpb8rGYrMPe3q7Q0XV5xtezEsi8/dj
Behavioral task: behavioral1
Sample: 503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1.xls
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1.xls
Resource: win10v2004-20241007-en
Malware Config
Extracted
http://beeslandkerman.ir/XPFvBDrNkT/lUkOx4VAOizId7u/
http://cerdi.com/_derived/J4Fu7VmGZQ7rGA/
https://www.chasingmavericks.co.ke/agendaafrikadebates.co.ke/QznOFMKV9R/
http://bsbmakina.com.tr/logo/eVWaAWm/
Targets
Target: 503f902faf75195984ff348c5c00c192e9aedf1ccfec729558038d93a057a2e1
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.