Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0014c57bfd...3b.exe

windows10-1703-x64

10

0014c57bfd...3b.exe

windows10-2004-x64

10

660e3fcc23...81.exe

windows10-1703-x64

7

660e3fcc23...81.exe

windows10-2004-x64

7

9dc5600bed...30.exe

windows10-1703-x64

10

9dc5600bed...30.exe

windows10-2004-x64

10

Acwpn.exe

windows10-1703-x64

10

Acwpn.exe

windows10-2004-x64

7

DHL SHIPPI...DF.exe

windows10-1703-x64

10

DHL SHIPPI...DF.exe

windows10-2004-x64

10

Halkbank_E...f..exe

windows10-1703-x64

10

Halkbank_E...f..exe

windows10-2004-x64

10

INVOICEXAN...LS.rtf

windows10-1703-x64

1

INVOICEXAN...LS.rtf

windows10-2004-x64

1

Maersk Shi...cs.exe

windows10-1703-x64

10

Maersk Shi...cs.exe

windows10-2004-x64

10

ORDER INQU...01.exe

windows10-1703-x64

10

ORDER INQU...01.exe

windows10-2004-x64

10

PO-8372929.xls

windows10-1703-x64

1

PO-8372929.xls

windows10-2004-x64

1

QUOTATION 1.rtf

windows10-1703-x64

1

QUOTATION 1.rtf

windows10-2004-x64

1

Quotation.rtf

windows10-1703-x64

1

Quotation.rtf

windows10-2004-x64

1

e1cf593726...1b.exe

windows10-1703-x64

10

e1cf593726...1b.exe

windows10-2004-x64

10

macintosh.xlsx

windows10-1703-x64

1

macintosh.xlsx

windows10-2004-x64

1

Resubmissions

01/02/2023, 17:02 UTC

230201-vj6p3aah39 10

01/02/2023, 17:00 UTC

230201-vjf5eacg4s 10

01/02/2023, 16:57 UTC

230201-vgbrxacg2y 10

Analysis

  • max time kernel
    303s
  • max time network
    415s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    01/02/2023, 17:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO-8372929.xls

  • Size

    461KB

  • MD5

    e08cf4b188d5f8bf190189983b262ea7

  • SHA1

    f84bb8baa69ca833c271697dded917bdf710c4ba

  • SHA256

    a9c45f9d9af92c5a6c64c679414488d0d60916b501768379f8ca5e15d8955bab

  • SHA512

    d7f7fb63b80a26cd8f02a38bb5ad757441013a81ad190072abdc896a9d800f4079ec28f6653acb78b17c494e6425ef35d2d297e5083a06182b91bd49e3bbdb07

  • SSDEEP

    6144:2PXZ+RwPONXoRjDhIcp0fDlavx+W26nA1V0Y5ObF0I5eMFRI5elF0I5exF0I5eC:W6GYmWIvjIcWImWI

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\PO-8372929.xls"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2628

Network

    No results found
  • 20.189.173.15:443
    322 B
     7
  • 209.197.3.8:80
    322 B
     7
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2628-120-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-121-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-122-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-123-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-132-0x00007FFADDC10000-0x00007FFADDC20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-133-0x00007FFADDC10000-0x00007FFADDC20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-296-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-297-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-298-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2628-299-0x00007FFAE0AA0000-0x00007FFAE0AB0000-memory.dmp

    Filesize

    64KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.