General
-
Target
SecuriteInfo.com.Exploit.CVE-2018-0798.4.7696.22882.rtf
-
Size
6KB
-
Sample
230107-c1apvace77
-
MD5
5036c5caf4d3839c4768b846b2026b49
-
SHA1
05971e6e13b6a5e88ec50ae43fe89874516e88e6
-
SHA256
189f0ab021c39b7e837691b536c320ff30d20de3c27c938176ce3f0cc317987a
-
SHA512
4533f52b813929a5f6b344cf823619ba5b976f2b644071b7ab0c32bb4746cb3bab6eac0bf75e2a6103cbd8a14752d21d40abc7cb1ab5e01fd3025575c84c8a1f
-
SSDEEP
96:3UfUBpr9AuwfChEJcKrKJr4S545im7e/EhZiC+6ZVX8tXaH8r1i6DdEAFWU+LPoX:37pEJcl15X0e/MiqwashDdEAmLPm
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.CVE-2018-0798.4.7696.22882.rtf
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.CVE-2018-0798.4.7696.22882.rtf
Resource
win10v2004-20220901-en
Malware Config
Extracted
http://172.174.176.153/dll/NoStartUp.ppam
Targets
-
-
Target
SecuriteInfo.com.Exploit.CVE-2018-0798.4.7696.22882.rtf
-
Score
10/10
-
Blocklisted process makes network request
-
Drops file in System32 directory
-