Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

市政工�...��.doc

windows7-x64

4

市政工�...��.doc

windows10-2004-x64

1

市政工�...01.xls

windows7-x64

1

市政工�...01.xls

windows10-2004-x64

1

市政工�...02.xls

windows7-x64

1

市政工�...02.xls

windows10-2004-x64

1

市政工�...03.xls

windows7-x64

1

市政工�...03.xls

windows10-2004-x64

1

市政工�...04.xls

windows7-x64

1

市政工�...04.xls

windows10-2004-x64

1

市政工�...05.xls

windows7-x64

1

市政工�...05.xls

windows10-2004-x64

1

市政工�...06.xls

windows7-x64

1

市政工�...06.xls

windows10-2004-x64

1

市政工�...07.xls

windows7-x64

1

市政工�...07.xls

windows10-2004-x64

1

市政工�...08.xls

windows7-x64

1

市政工�...08.xls

windows10-2004-x64

1

市政工�...09.xls

windows7-x64

1

市政工�...09.xls

windows10-2004-x64

1

市政工�...10.xls

windows7-x64

1

市政工�...10.xls

windows10-2004-x64

1

市政工�...11.xls

windows7-x64

1

市政工�...11.xls

windows10-2004-x64

1

市政工�...12.xls

windows7-x64

1

市政工�...12.xls

windows10-2004-x64

1

市政工�...13.xls

windows7-x64

1

市政工�...13.xls

windows10-2004-x64

1

市政工�...14.xls

windows7-x64

1

市政工�...14.xls

windows10-2004-x64

1

市政工�...15.xls

windows7-x64

1

市政工�...15.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    253s
  • max time network
    313s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/11/2022, 19:26 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    市政工程表格/市政资料/002.xls

  • Size

    20KB

  • MD5

    195ab7f0ceb31ab189830a8611132b74

  • SHA1

    fed3a37fa5acf53be9f6825dc0c2f34005c6d641

  • SHA256

    9a0ed496f8b9149308cc0f65366a14416ecfd74900527ecb9a85280397ab3943

  • SHA512

    9652df77feecb56098e129f6b32377cf035923cd839af654557763fa48aad9fbb5d32ca24a91cb10f7899f16e8acbb2d28a73b3143a911bc84a8a61913e1ba62

  • SSDEEP

    192:EiDpwpwpwpwqrvgR2V9nJFLJ060Lgw5K0yT9uoK2s9x:3eeeeqrvgR2jJVRQk064mk

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\市政工程表格\市政资料\002.xls"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4512

Network

    No results found
  • 72.21.91.29:80
    46 B
     40 B
     1
    1
  • 93.184.220.29:80
    322 B
     7
  • 93.184.221.240:80
    322 B
     7
  • 93.184.221.240:80
    322 B
     7
  • 20.42.65.89:443
    322 B
     7
  • 104.80.225.205:443
    322 B
     7
  • 20.190.159.2:443
    260 B
     5
  • 51.104.15.253:443
    40 B
     1
  • 93.184.221.240:80
    322 B
     7
  • 93.184.221.240:80
    322 B
     7
  • 20.190.159.75:443
    260 B
     5
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4512-132-0x00007FFD1D890000-0x00007FFD1D8A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-133-0x00007FFD1D890000-0x00007FFD1D8A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-134-0x00007FFD1D890000-0x00007FFD1D8A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-135-0x00007FFD1D890000-0x00007FFD1D8A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-136-0x00007FFD1D890000-0x00007FFD1D8A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-137-0x00007FFD1B200000-0x00007FFD1B210000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-138-0x00007FFD1B200000-0x00007FFD1B210000-memory.dmp

    Filesize

    64KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.