Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

catalog-20...8.xlsm

windows7-x64

10

catalog-20...8.xlsm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01798d07d4de9a1921a9267ec9b4a64c9f04b4c4101d1b787fa327de12153653

  • Size

    72KB

  • Sample

    230920-pl81baac46

  • MD5

    1059d8776e9c3707584bbd7005fd5ad3

  • SHA1

    bda7d0aa54d18707fd04785bb849b99f9ac76b2c

  • SHA256

    01798d07d4de9a1921a9267ec9b4a64c9f04b4c4101d1b787fa327de12153653

  • SHA512

    b05a7fe99feb810ee03b1501ec173a24c26a54f0e54dab91c56288181b1c6df9940cfb2c0b20fd658bcd5529ea93f20e05f749552138c07ccad1af35eaca208a

  • SSDEEP

    1536:K2uMuGaF1Z/dDu6WAwsT9DZxMtFqh9zE/Mn4JZ4U+fjN6oKfAQ:K2CGa1K3AwsTrxH7KO4oZNWAQ

Score
10/10
macroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://halle-auer20h.ru.com/lenta.html
xlm40.dropper

https://acienciaparaficarrico.com.br/drms/lenta.html
xlm40.dropper

https://deccanrestaurant.co.uk/drms/lenta.html
xlm40.dropper

https://steilppm.ac.id/drms/lenta.html

Targets

    • Target

      catalog-2048582418.xlsm

    • Size

      81KB

    • MD5

      b5f20259cc4d16c9608f7cc90e2df35b

    • SHA1

      c770a08241951d06e7c900f557cfaade4268c246

    • SHA256

      f5bfcf48c0cd34368b28b8ed027ef2c09d47133720f767633b2c1f8da3bb4b0e

    • SHA512

      3495abe20f881b5d201e1f3c56f0728d99cf645c7d2f3f799fe0d976caddd6fc38499ef1c9ed31a8fa1dfa2917d2d81ffe83098a375587bb83729d483ff31f98

    • SSDEEP

      1536:bhvD0tUn/dDuL7QQ64eyZJViW++poHndClu286aYbgBF+iyffn5:bVjwXQQteyZJAW++4dF286aYbgEfh

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks