General

  • Target

    INVOICE-9730015.docx.doc

  • Size

    11KB

  • Sample

    230816-xfrsvadb95

  • MD5

    86cf81e87b56f308ce6f4c88a1066415

  • SHA1

    d690c7e0067766162a9bb085ab510be2836d2074

  • SHA256

    3f64540878afa068e4bc7de3af3d3b48c0aa767e6e7ec94f9179b3cdd9768ac5

  • SHA512

    9c72f7ce5503674e55cf133fee6c5d4dfd2e2619bc80f081394943ba509f43ac3918b7e69c5de78ba512323e567abbc25a1bca692865ce0fb3712c3d8bb96769

  • SSDEEP

    192:9Eya0NRfX9i7jWoj4N5eNA2A+EnVs+mg1SoB8NJY6TO36PvUwKzQaUCaY9pFcWex:SyXRfkPWku5+A2bkBdBGJYuOqPqQc9zE

Score
10/10

Targets

    • Target

      INVOICE-9730015.docx.doc


    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
