General

  • Target

    12a8c191d20c1f29213eca2789ac26feef1aa927f31758adefd0db768e35a3f3

  • Size

    31KB

  • Sample

    241221-trk8nasqdm

  • MD5

    fbf5c3cf349308e3571e1f61ea201e86

  • SHA1

    7ff1245ddbdea2ed0e1323d0b4caaaeb7454601f

  • SHA256

    12a8c191d20c1f29213eca2789ac26feef1aa927f31758adefd0db768e35a3f3

  • SHA512

    b1e538eaf26dfde33d8d6b6902d33ce4dda7a9938e7b9c30e40428e18e76114e8e5650c9ba7be042b11179812638576aba327d737723edc66b8ef51a4fa54bbb

  • SSDEEP

    768:MBDp5iKzCvHdUklfVSsJFHQ7RSC1COFF8FuZujc58bv8R:WiOkldSsXHiRJCOX8FuZgfbvM

Malware Config

Extracted

Language
xlm4.0
Source

Extracted

Family

icedid

Campaign

497724135

C2

ovedfromasi.top

Targets

    • Target

      69e2bc37da2c8a6f25fce37a024aca628f8216cb0ddcf70e1e55766eae011bf2

    • Size

      70KB

    • MD5

      3f031c12c95a4b52b74e08d4b0d76830

    • SHA1

      3a6443c08d8233b4e62e3ab47950061620225e75

    • SHA256

      69e2bc37da2c8a6f25fce37a024aca628f8216cb0ddcf70e1e55766eae011bf2

    • SHA512

      ab271d995c7de00466cd8a84dc5f63b25ec866bd0c61ba0decfaa951091718bf9a35412b7b14ec046fb131d7641bcb73486f524820fd9d3d29413ce03a2e2d71

    • SSDEEP

      1536:iXUu70LgnxWl7f/3jWCgiMthg8Mi3lHg9gIgmfgCjMiAOqTu/+vXWPbge96Lr4hH:iwL6W5fPKCNAXMixmHBfFzmu/mAbgwzh

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Icedid family

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Loads dropped DLL
