Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

7604b60990...JC.rtf

windows7-x64

10

7604b60990...JC.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/08/2023, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7604b60990297c5b6f34db41501c0297dbeac0f303377ccc92c4092579b2c846_JC.rtf

  • Size

    50KB

  • MD5

    50dc985e3749a03e19cad19ecf48888e

  • SHA1

    b800887d75f8cfe2f55541e7d201e94e46ca8ab1

  • SHA256

    7604b60990297c5b6f34db41501c0297dbeac0f303377ccc92c4092579b2c846

  • SHA512

    f71edc4d2f9440c66b9acc0e90e36c65d412f4f8b247f6cca1f20137e3ba320a1493e5cca80e2aaaca2610b35e6c960cb0997066c3c921aea63dc61279bb40e0

  • SSDEEP

    768:zwAbZSibMX9gRWj4rOoE3M04JUNWMgQvWx1BuYUdVJ:zwAlR/23KUNWdjrUdVJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\7604b60990297c5b6f34db41501c0297dbeac0f303377ccc92c4092579b2c846_JC.rtf" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4512-133-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-134-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-136-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-137-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-135-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-138-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-139-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-140-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-141-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-142-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-143-0x00007FF9D1270000-0x00007FF9D1280000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-144-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-146-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-147-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-148-0x00007FF9D1270000-0x00007FF9D1280000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-149-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4512-179-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-181-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-180-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-182-0x00007FF9D3870000-0x00007FF9D3880000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-183-0x00007FFA137F0000-0x00007FFA139E5000-memory.dmp

    Filesize

    2.0MB

    Download