Analysis

  • max time kernel
    138s
  • max time network
    136s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    07/07/2020, 07:40

General

  • Target

    Revised Pro-forma.doc

  • Size

    245KB

  • MD5

    31355a427ccc38ba77df8c75626e33f7

  • SHA1

    47d42d7885c1f27ebdae079d70a72042c94debe9

  • SHA256

    cfbbe350a3a5b906db87fa22e8a58a1760cfa776e6f1e0149b73a02b799d9b3a

  • SHA512

    917d2f60b8ac0f2f18158e382a8ce66ffbf13ddca867786a2833d1c9f0e54922e9d3db080eec8ec59fbe8d00b0c77095224f34a6347999e2378d6e24284943bf

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • NTFS ADS 1 IoCs
  • Modifies registry class 6 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Revised Pro-forma.doc" /o ""
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    • Checks processor information in registry
    • Enumerates system info in registry
    • NTFS ADS
    • Modifies registry class
    PID:2416

Network

MITRE ATT&CK Enterprise v6
