Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    14/07/2020, 06:43

General

  • Target

    d584a370f4e27310aa842f83b35ea337e560c2308537c5113acb48a9187ee762.xls

  • Size

    198KB

  • MD5

    ce282d43e94e61a1a425cd1b0bb61aaf

  • SHA1

    1c138aad9dd01f7069e682da3162878ff1ffb24d

  • SHA256

    d584a370f4e27310aa842f83b35ea337e560c2308537c5113acb48a9187ee762

  • SHA512

    b39f1eb9595543b709281ced22e1bb46451241682ab6264ea5be2cefd310c08d8971ffb1073ab37530f3503b47752175c51dc30a309dc9a398a2e8aafb34a8c4

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\d584a370f4e27310aa842f83b35ea337e560c2308537c5113acb48a9187ee762.xls"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    • Enumerates system info in registry
    • Checks processor information in registry
    PID:976

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads