Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
P0_802389.doc
-
Size
3KB
-
Sample
230504-mpgdcsde6s
-
MD5
2fa467e21c54d460ba33ae52998ce40e
-
SHA1
64f6a710d760b228e3e64741b1977d737d94ef9b
-
SHA256
c6f102c5732a1b27a59064f2bd4c42019f32852b45d03b43350dfc1700ee1c04
-
SHA512
e5dc7c3227334179583c42156af61438ba08f3437c43f9d6811001af6da0cd7da10361f2a9c0263c6286ec6a49dc6625fb150649f0fa8c5435474cdee182aa27
Static task
static1
Behavioral task
behavioral1
Sample
P0_802389.rtf
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
P0_802389.rtf
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://172.174.176.153/dll/new_rump_vb.net.txt
Targets
-
-
Target
P0_802389.doc
-
Size
3KB
-
MD5
2fa467e21c54d460ba33ae52998ce40e
-
SHA1
64f6a710d760b228e3e64741b1977d737d94ef9b
-
SHA256
c6f102c5732a1b27a59064f2bd4c42019f32852b45d03b43350dfc1700ee1c04
-
SHA512
e5dc7c3227334179583c42156af61438ba08f3437c43f9d6811001af6da0cd7da10361f2a9c0263c6286ec6a49dc6625fb150649f0fa8c5435474cdee182aa27
Score10/10-
Blocklisted process makes network request
-
Drops file in System32 directory
-