Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

New Order ...T.xlam

windows7-x64

10

New Order ...T.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New Order PO2087441006AUGUST.xlam.xlsx

  • Size

    715KB

  • Sample

    230828-ktwbzage5z

  • MD5

    34c74ed2300a242fb0c974a51c8c72e3

  • SHA1

    5221f4f8f3d4c208cdba6933ed4eb9d6e6919021

  • SHA256

    d4af8019f4fb6f832ad72af1304293684e5299a6f263228206efb74569d10e4b

  • SHA512

    c6d32a3055abb916623c0d20e18453686b317da29a43a5e8a0b690eeb4b90274051f5bbd50ac05a9170770028f569a43e7d9ed904326b94476c67592ac60f2df

  • SSDEEP

    12288:fu51V6q8xfTVjtiawK3VVOnjBmNB0d7UFBwYdG+IqK3uZuCnPO6rXL:fHZjUawOGgNBc7EW4GhqKj0PdXL

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
exe.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

    • Target

      New Order PO2087441006AUGUST.xlam.xlsx

    • Size

      715KB

    • MD5

      34c74ed2300a242fb0c974a51c8c72e3

    • SHA1

      5221f4f8f3d4c208cdba6933ed4eb9d6e6919021

    • SHA256

      d4af8019f4fb6f832ad72af1304293684e5299a6f263228206efb74569d10e4b

    • SHA512

      c6d32a3055abb916623c0d20e18453686b317da29a43a5e8a0b690eeb4b90274051f5bbd50ac05a9170770028f569a43e7d9ed904326b94476c67592ac60f2df

    • SSDEEP

      12288:fu51V6q8xfTVjtiawK3VVOnjBmNB0d7UFBwYdG+IqK3uZuCnPO6rXL:fHZjUawOGgNBc7EW4GhqKj0PdXL

    Score
    10/10

    • Blocklisted process makes network request

    • Drops startup file

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks