Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

4_57826390...9.docx

windows7_x64

7

4_57826390...9.docx

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4_5782639054168262929.docx

  • Size

    95KB

  • Sample

    200711-78m2q6me4x

  • MD5

    e51e433a767ef0598c96765c57fd2a58

  • SHA1

    a26b73801943eb12d3cb103306c10b47fe66e432

  • SHA256

    c5918c1c684c5dd20f039fb3442638a98d4e139936336d64b2accdeed7558390

  • SHA512

    44443ea971ae5765ea3ae32517e6eba4c370ad0b50cdde5a7dffb28861c6abbb46b3909b051341972df70fce0a42b66c1d9d1a6f3d53bc8d1d64cc26fcdacb5f

Score
10/10
evasionspywaretrojan

Malware Config

Targets

    • Target

      4_5782639054168262929.docx

    • Size

      95KB

    • MD5

      e51e433a767ef0598c96765c57fd2a58

    • SHA1

      a26b73801943eb12d3cb103306c10b47fe66e432

    • SHA256

      c5918c1c684c5dd20f039fb3442638a98d4e139936336d64b2accdeed7558390

    • SHA512

      44443ea971ae5765ea3ae32517e6eba4c370ad0b50cdde5a7dffb28861c6abbb46b3909b051341972df70fce0a42b66c1d9d1a6f3d53bc8d1d64cc26fcdacb5f

    Score
    10/10
    evasionspywaretrojan

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Abuses OpenXML format to download file from external location

    • Modifies system certificate store

      evasionspywaretrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks