Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8757t68657.doc
-
Size
1.2MB
-
Sample
230301-l18fjsff93
-
MD5
4235233ad7b597102f4487fc1a60a626
-
SHA1
bc5b2271e68226a88af51453b0d8457f14bb6ca9
-
SHA256
e0c35894a02a5ffeca20200d4cb17e9b354c953d5704794242117c4e6307ca08
-
SHA512
edd8efdb085e2adcd564f49b73873fa2c699545421dba1807a72842ccd8af5b2ac6e7221b2e5568fd472aa18b90ba71afb688dce94fe6a1d1dd46a4fd5f52632
-
SSDEEP
24576:vGJPA5UEY+zNc5mLmUXhXB8hfHK9AoaIS4LMSpMp76I3xNBsFIEdOlq8VawE4kSC:p
Static task
static1
Behavioral task
behavioral1
Sample
8757t68657.rtf
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
8757t68657.rtf
Resource
win10v2004-20230220-en
Malware Config
Extracted
formbook
4.1
b07o
rpalmerdecorating.co.uk
magellanalytics.net
28yorkave.com
woodburnershop.co.uk
jcw-media.com
helinica.com
yuaneju.com
akypan.top
cavidahome.com
annaswiatkowski.com
123findcapital.com
danielle.nyc
dhcons.click
ocnarf.co.uk
1wowoc.top
corbett.one
extersolutions.com
fcukart.com
fadaona.online
guangness.top
theretailclassroom.africa
christmasshop.boutique
aibaosc.com
bosscityteens.com
325978.xyz
informationdata92533.com
takingtechdowntown.com
hnaspi.xyz
feixiu99.com
ldkj084.vip
coverqwxc.com
gonanooklahoma.com
diabeticfeetsigns.site
lawtonsr.com
hampshireequineservices.org.uk
halftofull.com
drajanainamiranda.com
childcareworkerjobssearch.life
thepornaview.com
ascestates.com
782258.com
djkiralamaistanbul.click
elionee.com
cylligandiy.com
hapestdatexts.com
eltres.fun
fy-hotel.com
f52.shop
denverrealtytrends.com
liseecreacionesartesanales.com
onescribe.app
jj365.vip
ljbalm.com
thetechbuild.com
festadosamigosdorancho.com
experia-sa.com
gustavohenriqueads.site
healthymart.africa
allbrightpros.com
425washington.com
izarmarketing.com
tryfas.com
dccmovil.com
experience-city.com
kscompetitions.co.uk
Targets
-
-
Target
8757t68657.doc
-
Size
1.2MB
-
MD5
4235233ad7b597102f4487fc1a60a626
-
SHA1
bc5b2271e68226a88af51453b0d8457f14bb6ca9
-
SHA256
e0c35894a02a5ffeca20200d4cb17e9b354c953d5704794242117c4e6307ca08
-
SHA512
edd8efdb085e2adcd564f49b73873fa2c699545421dba1807a72842ccd8af5b2ac6e7221b2e5568fd472aa18b90ba71afb688dce94fe6a1d1dd46a4fd5f52632
-
SSDEEP
24576:vGJPA5UEY+zNc5mLmUXhXB8hfHK9AoaIS4LMSpMp76I3xNBsFIEdOlq8VawE4kSC:p
-
Formbook payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-