Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

swiftcelsurdoc.rtf

windows7-x64

10

swiftcelsurdoc.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    swiftcelsurdoc.doc

  • Size

    139KB

  • Sample

    230705-p78lnscd79

  • MD5

    bc0afa18a6a091e8114f91ac046ca4ae

  • SHA1

    38b2991fe27e50a799125a2140125604d25652c6

  • SHA256

    e710a319c64ce4faf4f267cbe40505c2a5c86d727a854d5df0c59fd13840fc5c

  • SHA512

    aabe0f79f326b62ce9cd68187d1b962c6a6c4d525a26fe653588c730c96aaa24a65568cdab480ee9783af038b6486e4db7246a2c5b6d11d9ace1a804fe1a3edc

  • SSDEEP

    1536:9n88DGSl0JZ/OTpx8bG+SMKCe6T71AsKJrlCIqmhpxjlBizZIMUGIht0/9jM8sx9:9n9cS+SxXQFYyH9l+TjRI30pXNH

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://cryptersandtools.minhacasa.tv/e/e

Targets

    • Target

      swiftcelsurdoc.doc

    • Size

      139KB

    • MD5

      bc0afa18a6a091e8114f91ac046ca4ae

    • SHA1

      38b2991fe27e50a799125a2140125604d25652c6

    • SHA256

      e710a319c64ce4faf4f267cbe40505c2a5c86d727a854d5df0c59fd13840fc5c

    • SHA512

      aabe0f79f326b62ce9cd68187d1b962c6a6c4d525a26fe653588c730c96aaa24a65568cdab480ee9783af038b6486e4db7246a2c5b6d11d9ace1a804fe1a3edc

    • SSDEEP

      1536:9n88DGSl0JZ/OTpx8bG+SMKCe6T71AsKJrlCIqmhpxjlBizZIMUGIht0/9jM8sx9:9n9cS+SxXQFYyH9l+TjRI30pXNH

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks