Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

P0_802389.rtf

windows7-x64

10

P0_802389.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    P0_802389.doc

  • Size

    3KB

  • Sample

    230504-mpgdcsde6s

  • MD5

    2fa467e21c54d460ba33ae52998ce40e

  • SHA1

    64f6a710d760b228e3e64741b1977d737d94ef9b

  • SHA256

    c6f102c5732a1b27a59064f2bd4c42019f32852b45d03b43350dfc1700ee1c04

  • SHA512

    e5dc7c3227334179583c42156af61438ba08f3437c43f9d6811001af6da0cd7da10361f2a9c0263c6286ec6a49dc6625fb150649f0fa8c5435474cdee182aa27

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://172.174.176.153/dll/new_rump_vb.net.txt

Targets

    • Target

      P0_802389.doc

    • Size

      3KB

    • MD5

      2fa467e21c54d460ba33ae52998ce40e

    • SHA1

      64f6a710d760b228e3e64741b1977d737d94ef9b

    • SHA256

      c6f102c5732a1b27a59064f2bd4c42019f32852b45d03b43350dfc1700ee1c04

    • SHA512

      e5dc7c3227334179583c42156af61438ba08f3437c43f9d6811001af6da0cd7da10361f2a9c0263c6286ec6a49dc6625fb150649f0fa8c5435474cdee182aa27

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks