General

  • Target

    02e1621facd6ebb2698a814906c384110f4215b04e83ec101d88632b06634d11

  • Size

    70KB

  • Sample

    241111-zt9a6awglg

  • MD5

    521bc1f41e77f88774d1adf4636c19be

  • SHA1

    3d88be6839b46da512da01a4b43072978dd257f5

  • SHA256

    02e1621facd6ebb2698a814906c384110f4215b04e83ec101d88632b06634d11

  • SHA512

    4063be7e26391c610dc6b57fdbcbd4f1435a2fef951aa9fc8e3548ca8c1242d3dd7a3b6c638991dd9e9eb6ec6280c6554c9b6f082d4c458e180662af8d0354a4

  • SSDEEP

    1536:OhKpb8rGYrMPe3q7Q0XV5xtezE8vG8UM+e+hDcnTLiQrRTZws8Eg0:uKpb8rGYrMPe3q7Q0XV5xtezE8vG8UMh

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://strachanclark.com/images/3gc4qCpSFYbBMDEC/

xlm40.dropper

https://synapse-archive.com/images/bKaMr/

xlm40.dropper

https://sumuvesa.com/wp-includes/rgL/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
