General

  • Target

    MIL0001069261.xlsm

  • Size

    37KB

  • Sample

    200707-jl4pqaawhs

  • MD5

    e3f0a053c8ca4394c5352d41627b0a67

  • SHA1

    0ad720a9b870e87d5238c57f4bd1fb86dc4d3435

  • SHA256

    21861dfd5dc09356971994ea642e9f3dc7afe1319b2d41ac19317c85ac5d5087

  • SHA512

    144c98d170595b2bf151f251b31bd857858c4ca795af668da883530b1c4615a0ef8146681c8b14fa84b16c1f710a91a0f6019f9dec7d36e2d3acad47d4f488f4

Score
10/10

Targets

    • Target

      MIL0001069261.xlsm

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Modifies system certificate store
