Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

7a6367cdd9...C.xlam

windows7-x64

10

7a6367cdd9...C.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407_JC.xlsx

  • Size

    654KB

  • Sample

    231011-net25sbc21

  • MD5

    bb1be8aabfa3b7b55acaf121f7be3a05

  • SHA1

    a5a02621318a15252808779c217e49e876174ed9

  • SHA256

    7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407

  • SHA512

    c258d8fb2a76675d3058d7fcd5a34289b03452e521a68fa5b272b7bd1b72b3b191b112e66427914f007b40f52f5437ab54fb5545d6f628a4691a6f506208ba92

  • SSDEEP

    12288:X3ESjOqP3NhfIdnsaKZ3EDowgaimuSwHgF9aIfg8NkTNaK:nEzqIv4EsNPmuStPX+aK

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937
exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    • Target

      7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407_JC.xlsx

    • Size

      654KB

    • MD5

      bb1be8aabfa3b7b55acaf121f7be3a05

    • SHA1

      a5a02621318a15252808779c217e49e876174ed9

    • SHA256

      7a6367cdd9d6d0db0c685487937d09f9881cbbcdc936b3750bd89ed7fcbad407

    • SHA512

      c258d8fb2a76675d3058d7fcd5a34289b03452e521a68fa5b272b7bd1b72b3b191b112e66427914f007b40f52f5437ab54fb5545d6f628a4691a6f506208ba92

    • SSDEEP

      12288:X3ESjOqP3NhfIdnsaKZ3EDowgaimuSwHgF9aIfg8NkTNaK:nEzqIv4EsNPmuStPX+aK

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks