Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

book-test.xlsm

windows7-x64

10

book-test.xlsm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    book-test.xlsm

  • Size

    13KB

  • Sample

    221030-tsrf3aafeq

  • MD5

    9ea38cbd4b972be01563192fb495614f

  • SHA1

    98edf0787a561c176a2a303064207ddd82b2965b

  • SHA256

    b4201061a4b9961d16e83c58207ac5087e2e46187c6dff64250731d45bb0b90c

  • SHA512

    463830b10d512e4fe0909c51e55005e21e660493a80cb87aa43e22cd30c08b2d3eb93743813e0d8d67b7d57f7036b3cf3de563ea8b64e30ef3cd8ff1723bc5dc

  • SSDEEP

    192:EtJWseqxGvThVkikaFUlbVvevUqzZSVtg/XKfS34Obx/eqd/611cqGGFuxTDa9:EtJ7yTkqUlM9z+fekqd/oNSG9

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://192.168.233.129:80/sample-image.jpeg

Targets

    • Target

      book-test.xlsm

    • Size

      13KB

    • MD5

      9ea38cbd4b972be01563192fb495614f

    • SHA1

      98edf0787a561c176a2a303064207ddd82b2965b

    • SHA256

      b4201061a4b9961d16e83c58207ac5087e2e46187c6dff64250731d45bb0b90c

    • SHA512

      463830b10d512e4fe0909c51e55005e21e660493a80cb87aa43e22cd30c08b2d3eb93743813e0d8d67b7d57f7036b3cf3de563ea8b64e30ef3cd8ff1723bc5dc

    • SSDEEP

      192:EtJWseqxGvThVkikaFUlbVvevUqzZSVtg/XKfS34Obx/eqd/611cqGGFuxTDa9:EtJ7yTkqUlM9z+fekqd/oNSG9

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks