Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d8d62ab60f4bd68a765884a02cfda2b376c48f43364f3c17e8892646f4cc1cb6

  • Size

    95KB

  • Sample

    241120-xcvekasank

  • MD5

    64bca056ae9b708ff3297b5d7d51890c

  • SHA1

    3a7f02c7f996790de87b690c5db8123e4d7dd63f

  • SHA256

    d8d62ab60f4bd68a765884a02cfda2b376c48f43364f3c17e8892646f4cc1cb6

  • SHA512

    44ed1cc33f280238b8a4d0cddd6c942270f5a40278094ea2eb85af15fa79fe4ac50c6162018b4d8440289c3a3eed0b49accca519a5a979641415fc58939c5530

  • SSDEEP

    1536:PFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgPHuS4hcTO97v7UYdEJmXNXE:tKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgd

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://aysbody.com/catalog/Oax5/

xlm40.dropper

http://www.garantihaliyikama.com/wp-admin/QVvdNIasGj/

xlm40.dropper

https://yoymanajemen.id/wp-content/khXBxIm5/

xlm40.dropper

https://dawtona.dev.goldensystem.pl/wp-admin/EX05554XhKk3ee2cQ/

Targets

    • Target

      d8d62ab60f4bd68a765884a02cfda2b376c48f43364f3c17e8892646f4cc1cb6

    • Size

      95KB

    • MD5

      64bca056ae9b708ff3297b5d7d51890c

    • SHA1

      3a7f02c7f996790de87b690c5db8123e4d7dd63f

    • SHA256

      d8d62ab60f4bd68a765884a02cfda2b376c48f43364f3c17e8892646f4cc1cb6

    • SHA512

      44ed1cc33f280238b8a4d0cddd6c942270f5a40278094ea2eb85af15fa79fe4ac50c6162018b4d8440289c3a3eed0b49accca519a5a979641415fc58939c5530

    • SSDEEP

      1536:PFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgPHuS4hcTO97v7UYdEJmXNXE:tKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgd

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks