Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

NA_shellxsl_JC.xml

windows7-x64

1

NA_shellxsl_JC.xml

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2023, 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NA_shellxsl_JC.xml

  • Size

    455B

  • MD5

    34e208a5ed6cf6c8442eba63970a8f9b

  • SHA1

    d7ec693f9bd1603f551adbcfbd513eba2205de3d

  • SHA256

    6173930990c687e5b99f373761852d920c8ddb834638f5b581b550dfe69e42c4

  • SHA512

    f5d17a2e863a241e7584bbdd9aad9c453abc7d3bcebc869a4b9e7d661f2852995600900891dc6ea39c92404ae753d53902f6902c492efa90a5ccf4c813ee3e3d

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\NA_shellxsl_JC.xml"
    1⤵
      PID:3960
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 3960 -s 448
        2⤵
        • Program crash
        PID:1344
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 3960 -ip 3960
      1⤵
        PID:4768

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3960-134-0x00007FFE89CB0000-0x00007FFE89EA5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3960-133-0x00007FFE49D30000-0x00007FFE49D40000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3960-135-0x00007FFE89CB0000-0x00007FFE89EA5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3960-136-0x00007FFE87430000-0x00007FFE876F9000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/3960-137-0x00007FFE49D30000-0x00007FFE49D40000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3960-138-0x00007FFE89CB0000-0x00007FFE89EA5000-memory.dmp

        Filesize

        2.0MB

        Download