Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

outstandin...e.docx

windows7_x64

7

outstandin...e.docx

windows10_x64

1

Analysis

  • max time kernel
    129s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    13/07/2020, 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    outstanding Invoice.docx

  • Size

    11KB

  • MD5

    1fd0ad98ad34487a085d21951810df40

  • SHA1

    ef3c5dee8d05130be97b775f544a50b2b9508828

  • SHA256

    4e78af549a183653180d52f672228c8ee41e48c2ff9e2f556c2110858e83ab29

  • SHA512

    ad87ca7fb1c7abf551ae64c9936d0bd55b6a4469c68c4f90aa90a7c753e743295c9df7f821dc1f5ee1ecbff95cc0c327394070a03a2544a22b34489641c333f1

Score
7/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Office loads VBA resources, possible macro or embedded object present
  • Abuses OpenXML format to download file from external location 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\outstanding Invoice.docx"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    • Abuses OpenXML format to download file from external location
    PID:1492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1492-0-0x0000000002230000-0x0000000002231000-memory.dmp

    Filesize

    4KB

    Download