General
Target: document-037.rtf.zip
Size: 2.1MB
Sample: 220913-lvgewafcc4
MD5: df15eb810cb2982cf23fd8e74a545a34
SHA1: 4390d2a3221a426e9ab3c1b0842728b9a3ff0a38
SHA256: 83d6dbc86af826ea02bbb978510c92ffe95bb276ef59a76dc891b68e3fda11c3
SHA512: 60fb96540ea9df2b715fa1ffc5e50cc0bc21670e73db324c945dab49cde23c5c89e045172d9c974fb529e898c0dd8d897145f5e0dcc8fd4d330476657c927fad
SSDEEP: 49152:CtGKkgl5R/4NurkXDYqM/JDK6M3fKgDaKT:6GKk0DHkX8hDK9igDh
Behavioral task: behavioral1
Sample: document-037.rtf.docm
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: document-037.rtf.docm
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
3281798692
kolinandod.com
Targets
Target: document-037.rtf.zip
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL