Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
114s -
max time network
118s -
platform
windows7_x64 -
resource
win7 -
submitted
08/07/2020, 09:52
Static task
static1
Behavioral task
behavioral1
Sample
docume_1 (26240).xls
Resource
win7
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
docume_1 (26240).xls
Resource
win10v200430
0 signatures
0 seconds
General
-
Target
docume_1 (26240).xls
-
Size
175KB
-
MD5
57f7ad313612b3d47a8bb76671442df6
-
SHA1
f9ff251a04695859a9e7d29f3297fea841697bde
-
SHA256
0dcd36856f4103daa96e3b85d34973ad2665f99d6b52c3c8a3b50950f4edf3a5
-
SHA512
6c6d3ca49a4e01576b55d764e3bcac26aadaba0b9906cc268fbfbb36f2f77e0dd56298a2e35640c37d38ac696777d3cfb64d0b6748a83d37f2835964c2bcfc89
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1124 EXCEL.EXE 1124 EXCEL.EXE 1124 EXCEL.EXE 1124 EXCEL.EXE -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1124 EXCEL.EXE -
Suspicious behavior: AddClipboardFormatListener 1 IoCs
pid Process 1124 EXCEL.EXE
Processes
-
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /dde "C:\Users\Admin\AppData\Local\Temp\docume_1 (26240).xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious behavior: AddClipboardFormatListener
PID:1124