
General

  • Target: 2420028d36da51aa0dae20755b04a555fd1fb943900b92694dd07b98a240fcf8
  • Size: 330KB
  • Sample: 241121-ysdx7azrfk
  • MD5: 1aed40a6d6905d5925b73ed69e2abe5c
  • SHA1: 9db9a82acad118dc6982aebbeafad0da4275761c
  • SHA256: 2420028d36da51aa0dae20755b04a555fd1fb943900b92694dd07b98a240fcf8
  • SHA512: d081ffea933add3fc01fa413503a28c4b7ecbcabff7adecaa7be2b827de87b116e9b7c5d30c402a2a70a3bdd42590c604ff8c179f2135df71c461aad2618c65e
  • SSDEEP: 6144:rGiWFJ+xCSNOoUApGXSgXra44WmkXOf21pNvdwSnNZ6hER+LtZwNANh:mc1peSyJTmOOydwSnNghEUN

Malware Config

Extracted

  • Family: xloader
  • Version: 2.5
  • Campaign: p2a5
  • Decoy domains:

gorillaslovebananas.com

zonaextasis.com

digitalpravin.online

memorialdoors.com

departmenteindhoven.com

vipulb.com

ruyibao365.com

ynpzz.com

matthewandjessica.com

winfrey2024.com

janetride.com

arairazur.xyz

alltheheads.com

amayawebdesigns.com

califunder.com

blacksource.xyz

farmasi.agency

ilmkibahar.com

thinkcentury.net

eskortclub.com

Targets

    • Target: 2420028d36da51aa0dae20755b04a555fd1fb943900b92694dd07b98a240fcf8
    • Size: 330KB
    • MD5: 1aed40a6d6905d5925b73ed69e2abe5c
    • SHA1: 9db9a82acad118dc6982aebbeafad0da4275761c
    • SHA256: 2420028d36da51aa0dae20755b04a555fd1fb943900b92694dd07b98a240fcf8
    • SHA512: d081ffea933add3fc01fa413503a28c4b7ecbcabff7adecaa7be2b827de87b116e9b7c5d30c402a2a70a3bdd42590c604ff8c179f2135df71c461aad2618c65e
    • SSDEEP: 6144:rGiWFJ+xCSNOoUApGXSgXra44WmkXOf21pNvdwSnNZ6hER+LtZwNANh:mc1peSyJTmOOydwSnNghEUN

    • Xloader: Xloader is a rebranded version of Formbook malware.
    • Xloader family
    • Xloader payload
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

    • Target: sktwcrbcw.exe
    • Size: 168KB
    • MD5: e0e19fe43a0197178e47411ecac579d9
    • SHA1: df75c86efc582b3ae29dc024f1daf6355a039ccb
    • SHA256: 9c9a983c1bf4fa89f56449f43b4cee03f21c707e517da90ee010d43ccb451388
    • SHA512: ce1792cfa792130031e46888bed40ff70c3c1d5713d99daae220c598d8705adf7367638615081db9f9b50e41981514a36eb5a554e5373ff6adc12c73869f8800
    • SSDEEP: 3072:pORNym+dox03cMBQhqyo0mh2+WBBO08cs7EMBkeqCBW8:pNdoxYccQhqyo0q2rBBO0YoikNCo8

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks