General

  • Target

    5a5d3ef09661e81b5dd4d8ad947c70b96b38d24b0085993ec6f774101783e97c

  • Size

    70KB

  • Sample

    241111-zxntmavrbs

  • MD5

    751c7a67cd382f46ea6f443de46f5bed

  • SHA1

    bfbc7a82f30f7267d23fefcb4e50c1b74d7eb85c

  • SHA256

    5a5d3ef09661e81b5dd4d8ad947c70b96b38d24b0085993ec6f774101783e97c

  • SHA512

    496c84dd6aa438e1c23cc1d27f08a6dfaf904bda5c17941efb9d9ac385073c0d63d857b8d26a7ed51b9ff0c7e2dfe29505112bc5c0f08ce65170cab8f726bfaf

  • SSDEEP

    1536:bpEk3hbdlylKsgqopeJBWhZFGkE+cL2NdA8eXZiozeOgXVZKyaZpvyR1kZkJvU+:bCk3hbdlylKsgqopeJBWhZFGkE+cL2Nr

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://185.7.214.7/fer/fe2.html

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
