Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
baddoc.doc
-
Size
1.5MB
-
Sample
220907-ratglaheaq
-
MD5
0c4540f659d3942a28f158bce7be1143
-
SHA1
d1cc0f861f162dfbf9df1493fe861d02b80483f6
-
SHA256
37e259d6564071807b7b4266ed1dd8bf2059f3e7f438b8487dd0149e5e0487ec
-
SHA512
9b611fe0d00cc08bfa72cb7723af64f29b58e4db68d32ca07effa8e90fb7c8fd46a3a48b8b00d1e1dba09b4514bfb3c447ea59da5b4ac90797728cffa03313b0
-
SSDEEP
24576:WcuQXAlhOOZQ3XkaL17MlNuoQPc2V5TBDR4AtPe1LFGZ2KaO+79Gh8B:z53ClNADSDB7A8B
Behavioral task
behavioral1
Sample
baddoc.doc
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
baddoc.doc
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
baddoc.doc
-
Size
1.5MB
-
MD5
0c4540f659d3942a28f158bce7be1143
-
SHA1
d1cc0f861f162dfbf9df1493fe861d02b80483f6
-
SHA256
37e259d6564071807b7b4266ed1dd8bf2059f3e7f438b8487dd0149e5e0487ec
-
SHA512
9b611fe0d00cc08bfa72cb7723af64f29b58e4db68d32ca07effa8e90fb7c8fd46a3a48b8b00d1e1dba09b4514bfb3c447ea59da5b4ac90797728cffa03313b0
-
SSDEEP
24576:WcuQXAlhOOZQ3XkaL17MlNuoQPc2V5TBDR4AtPe1LFGZ2KaO+79Gh8B:z53ClNADSDB7A8B
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-