Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

f827ece173...c8.xls

windows7-x64

1

f827ece173...c8.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    39s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/11/2022, 16:26 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f827ece173eae33096a77e5689539360d36518135da21b245e5e3ad3d4dbc0c8.xls

  • Size

    31KB

  • MD5

    5303a7cc51ab82b40143cfbda3a500cf

  • SHA1

    612050d82cb8e5193c564e21e2b801952463d493

  • SHA256

    f827ece173eae33096a77e5689539360d36518135da21b245e5e3ad3d4dbc0c8

  • SHA512

    f9af1aa69208f622aa5bb0838b0f4d1cd186cf71bfa450909927928aee2083d0e70cf0c84cbc6756efdf79975b137400adc31edef7dc4dc2162c708ab2e7ee27

  • SSDEEP

    768:/PPPPrL733uCwR2Eyk+4Z1aMvTeZ/XcyuHFEdvhB:/PPPPrL733uC6yk+FMvGspSB

Score
1/10

Malware Config

Signatures

  • Office loads VBA resources, possible macro or embedded object present
  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\f827ece173eae33096a77e5689539360d36518135da21b245e5e3ad3d4dbc0c8.xls
    1⤵
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:576

Network

    No results found
  • 93.184.220.29:80
    46 B
     40 B
     1
    1
  • 209.197.3.8:80
    46 B
     40 B
     1
    1
  • 209.197.3.8:80
    46 B
     40 B
     1
    1
  • 72.21.91.29:80
    46 B
     40 B
     1
    1
  • 204.79.197.200:443
    40 B
     1
  • 104.193.88.126:80
    46 B
     40 B
     1
    1
  • 104.193.88.125:443
    46 B
     40 B
     1
    1
  • 204.79.197.200:443
    40 B
     1
  • 72.21.91.29:80
    46 B
     40 B
     1
    1
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/576-54-0x000000002FFE1000-0x000000002FFE4000-memory.dmp

    Filesize

    12KB

    Download

  • memory/576-55-0x0000000071D11000-0x0000000071D13000-memory.dmp

    Filesize

    8KB

    Download

  • memory/576-56-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/576-57-0x0000000072CFD000-0x0000000072D08000-memory.dmp

    Filesize

    44KB

    Download

  • memory/576-58-0x00000000761E1000-0x00000000761E3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/576-65-0x0000000072CFD000-0x0000000072D08000-memory.dmp

    Filesize

    44KB

    Download

  • memory/576-66-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/576-67-0x0000000072CFD000-0x0000000072D08000-memory.dmp

    Filesize

    44KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.