General

  • Target

    0dd55a234be8e3e07b0eb19f47abe594295889564ce6a9f6e8cc4d3997018839

  • Size

    748KB

  • Sample

    230515-qs6n7sea2w

  • MD5

    854e5c592e93b69b8ab08dbc8a0b673f

  • SHA1

    1615e1f0413086d0fe82e4a4756535645ddd99ea

  • SHA256

    0dd55a234be8e3e07b0eb19f47abe594295889564ce6a9f6e8cc4d3997018839

  • SHA512

    91dd4df316bfedd85c92a34e8aceefd319906c5049dad431793fd535c0c69a12583febc538c16e7527a82535e7e1f46512b28d66f80aaf8338f78d4aeb95ed7d

  • SSDEEP

    12288:Rnxlf7T53Uyy8v9lnj0Ge3Q4iaOApS5b1kPBgS4++1teAs8ryTPMJN:RrjT53Uae3ZOMS8Zx+teAs8rOPMJN

Score
5/10

Targets

    • Target

      AppvIsvSubsystems64.dll

    • Size

      130KB

    • MD5

      129da1e7c8613fd8c2843d9ec191e30e

    • SHA1

      29bab281b479fd972cbceb7cbae39ca62de3ddc4

    • SHA256

      60d96d8d3a09f822ded0a3c84194a5d88ed62a979cbb6378545b45b04353bb37

    • SHA512

      d611e467683fd6fa4d147a5c694df07344fad2ddf8bc315e70ad6501bce4e88f9478a4d8a7011272029452afd7d85d097a166f361cf22ba4116d7c8864709ea7

    • SSDEEP

      1536:cZXHlxruHwi3l75jaHVHbQRf4Ty/vfwrqtkgbOw+aDwlNN9+caF4dfaHHgHesXt2:iCQija17o//wKkg1HDRYdigJdOa+

    • Score

      3/10

    • Target

      Mso20Win32Client.DLL

    • Size

      12KB

    • MD5

      751406bd384022cea9568fb344ca7f61

    • SHA1

      dab8b3b30bc4d9a14910e97abf23a417ae1dd96e

    • SHA256

      e3abb477f3230c94bfc97ec8f7cee8d4ad4a1fba16cda1f318cfa12780fd33f7

    • SHA512

      97b1ad05c6f10f7f2a4af4aeacdcad59f46c3b9b414ca53a7355ccaf99f912183db9047ac1d3c105b059df7f58ff5136fe0d0ac9cbca3f5dc7fe3d18c49c36a4

    • SSDEEP

      384:Lf9I8X425WOUD1p1aVPvlBL76i/maWI5ZWRkUi/nI:Tno25WOUDUVPDLZuoB/nI

    • Score

      3/10

    • Target

      e-yazi.docx .exe

    • Size

      1.6MB

    • MD5

      b1820abc3a1ce2d32af04c18f9d2bfc3

    • SHA1

      b260d80fa81885d63565773480ca1e436ab657a0

    • SHA256

      6c55195f025fb895f9d0ec3edbf58bc0aa46c43eeb246cfb88eef1ae051171b3

    • SHA512

      01085bd21fb6206b2af03cdef7490c73960d66a9c8a730436f9aa1fcb350063313ac06274ad6c63575410cd2b2ac64a6d33166fe5facc861926f762c0ca67924

    • SSDEEP

      6144:ZmmDPbOztkAzkAZqrEdrEAZUCwFjNN1U:ZmmDgNPqrEdrEt

    • Score

      5/10

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      e-yazi.pdf

    • Size

      30KB

    • MD5

      f4ef5672af889429d95f111ea65ff490

    • SHA1

      58353e513c91cff6bbf350a52b58a232302f6339

    • SHA256

      7a9d27006887464220c456cc1cdbcf7766bc8fd760114b79b04a7e3fef73b33a

    • SHA512

      84aa8fe8e0187c3c4ee5bfb5fb5c4b5a4b1c5367d3d257d0efe38b80ab68fe91187db0b08a8e3aaa88b80109d4c99391058d5a54dfa07ea33f31bac36e06fdba

    • SSDEEP

      768:AcmYClxR/NHdnRfeXB1eRYDPzx8q5omSmgoZoZ63iCcYILOhILS:AXXTR5ReDJvc8Zv3bIO

    • Score

      1/10
