General
-
Target
3309ab5e059263d016805bdc874d005e7b31e7853f5c3cd6e76adea7fff778d3
-
Size
63KB
-
Sample
241111-zxmasswhjd
-
MD5
5ddbd78b8000244a6a69b24b23b0f425
-
SHA1
ed5d56a224cbcf8ec54505381254bb80a32b7789
-
SHA256
3309ab5e059263d016805bdc874d005e7b31e7853f5c3cd6e76adea7fff778d3
-
SHA512
1080f063e57a2a9cabeedd25f767db9750cd29896788783439b09d7575472f9a3b3fbe59763284f72ad1d166f379867110c4a185c3aeedd7c474d0ca8ad24b40
-
SSDEEP
1536:dpKpb8rGYrMPe3q7Q0XV5xtezEsi8/dg9HuS4VcTO9/r7UYdEJe5oN/:bKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgH
Behavioral task
behavioral1
Sample
3309ab5e059263d016805bdc874d005e7b31e7853f5c3cd6e76adea7fff778d3.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3309ab5e059263d016805bdc874d005e7b31e7853f5c3cd6e76adea7fff778d3.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://www.careofu.com/PHPExcel/sQ78BedribNJZbGYj/
https://cedeco.es/js/n74fS/
http://balticcontrolbd.com/cgi-bin/Gu0xno0kIssGJF8/
https://fikti.bem.gunadarma.ac.id/SDM/qNeMUe2RvxdvuRlf/
Targets
-
-
Target
3309ab5e059263d016805bdc874d005e7b31e7853f5c3cd6e76adea7fff778d3
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-