Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

P10_Return_XLS.xls

windows7-x64

1

P10_Return_XLS.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/08/2023, 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    P10_Return_XLS.xls

  • Size

    4.3MB

  • MD5

    504ae0911586df80721873efcd8fee16

  • SHA1

    2cb9d3d72fb2ed4dd7d69774f9132df013b7e270

  • SHA256

    285aeb7be25058b48c82a45a0989dbb916e918aaaa3dbae02c1af67b45a10523

  • SHA512

    305f8eccdec3a12526cb5384898c134028e16eb703bf5be983e5abafcb1523d1d0f8ec0b44644856b3982c6c5a36eb5e3a1ca9a52441a4a554be71a08730c604

  • SSDEEP

    98304:vPe/wk3JRWDsNpgLB6zMKs4oKYSiWb4B3ARnN+lJvL+M:vPaJRWQNpgLB6zMKs4oKYSiWb4B3ARnC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\P10_Return_XLS.xls"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:3820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3820-133-0x00007FFEF4790000-0x00007FFEF47A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-134-0x00007FFEF4790000-0x00007FFEF47A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-136-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-135-0x00007FFEF4790000-0x00007FFEF47A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-137-0x00007FFEF4790000-0x00007FFEF47A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-138-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-139-0x00007FFEF4790000-0x00007FFEF47A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-140-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-141-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-142-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-144-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-145-0x00007FFEF2460000-0x00007FFEF2470000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-143-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-146-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-147-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-148-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-149-0x00007FFEF2460000-0x00007FFEF2470000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-150-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-151-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-152-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-153-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-154-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-276-0x0000027C18AF0000-0x0000027C19AC0000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3820-277-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-278-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-282-0x00007FFF34710000-0x00007FFF34905000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3820-303-0x0000027C18AF0000-0x0000027C19AC0000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3820-310-0x0000027C121C0000-0x0000027C13190000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3820-326-0x0000027C121C0000-0x0000027C13190000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3820-327-0x0000027C121C0000-0x0000027C13190000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3820-328-0x0000027C121C0000-0x0000027C13190000-memory.dmp

    Filesize

    15.8MB

    Download