Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

bac63e40c3...bd.doc

windows7_x64

1

bac63e40c3...bd.doc

windows10_x64

1

Analysis

  • max time kernel
    114s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    11/07/2020, 07:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bac63e40c39f30d650336240dedf0c2d0b555969c83c1fe038466600dc667ebd.doc

  • Size

    245KB

  • MD5

    25507b6c0ce21c0d12c727acb8dc0ef2

  • SHA1

    6f7d5a70d77c2e79a5b526c42bf299f43c21898d

  • SHA256

    bac63e40c39f30d650336240dedf0c2d0b555969c83c1fe038466600dc667ebd

  • SHA512

    76a6e6820d852cb32b2cf3cf064ff370a4b917734d06b21b3a493d9afc8799a8f531b35bd7069b6cfde342b564d886be2656df10ecdc9433629e373d00ccce04

Score
1/10

Malware Config

Signatures

  • Office loads VBA resources, possible macro or embedded object present
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\bac63e40c39f30d650336240dedf0c2d0b555969c83c1fe038466600dc667ebd.doc"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads