Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

810ebf5e92...a.xlam

windows7-x64

10

810ebf5e92...a.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31f35ca20b780b98ef90ca253bfa0421.bin

  • Size

    602KB

  • Sample

    231011-brfdashe3w

  • MD5

    5cba60753aaec4e4f4d7847f9d88a42d

  • SHA1

    00900b3ed3f8a5d5b6e34e6311c8409c4a6bbb4a

  • SHA256

    fdd1164c316c8c42a06e9949728fc4171657c68bee5bd82cab7656c9b39ff989

  • SHA512

    bc446b327f9e8d858f9124b261b98ed3effe80c98282c40d254026dbcf5f994c6363f4d2e61f616e8bd1002ca24d9b8aca206feeb26970a7351b2e9227042a84

  • SSDEEP

    12288:GGpAYxPolI9CScBMmd7iOWOQpUAPXECepJaZvjmRTs17JjVwmzWWJS:YYxPkwC3BMS7dYUsECepJy7mRTs17JjS

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937
exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    • Target

      810ebf5e922fcb6b70210661fc0285200cbefbd263a15bb8e487546af17c29da.xlsx

    • Size

      603KB

    • MD5

      31f35ca20b780b98ef90ca253bfa0421

    • SHA1

      d92c44e3605ac94d73b1110d36573716c6b25ebf

    • SHA256

      810ebf5e922fcb6b70210661fc0285200cbefbd263a15bb8e487546af17c29da

    • SHA512

      2a9e9b1fa7b2d5c7be52f0b3ff70f770953f09ef3e663c3d851b5a6e2d5a4c719e68d3d42b038d4e25ef0893e49f07f400a213d7286402bbede1d42d45dea1a7

    • SSDEEP

      12288:7fPnWmIDVKK4zt63WD28jc1kRGltCNxrRxzzbqn9c1zT3:LCDAM+jGkklYBzzOcdT3

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks