General

  • Target

    Potwierdzenie transakcji (5).xls

  • Size

    856KB

  • Sample

    200714-jla6h2etv2

  • MD5

    92d6e6b45a4275700d0f6f57e1b41609

  • SHA1

    2d9aa61c33bdcc875e610edac331901ed59a5b44

  • SHA256

    2705cadf0dff4e6476415d0d51fafc2e121bdfde7e8649004bf1294a85f17a11

  • SHA512

    2d25de03fa17fdbaf4ec0370fbc339a98aca9dd2f203f6ff243c7f61d82108fcea9f61f42b025cf76bcacef86c252d45561b7c8a42d2e00521ca352c88b43158

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
ps1.dropper

http://officeservicecorp.biz/Lab.jpg

Targets

    • Target

      Potwierdzenie transakcji (5).xls

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
