General
-
Target
a11bd2bde079c17dc7b6793404f812830e99af2883f33ee49c01bc8c85751d50_JC.xll
-
Size
12KB
-
Sample
231011-rdlk6abh2x
-
MD5
ad86b0520d48a0b530915850244f196b
-
SHA1
2d28250d44de5ce82ded47bfb29a8ae6353a3fa4
-
SHA256
a11bd2bde079c17dc7b6793404f812830e99af2883f33ee49c01bc8c85751d50
-
SHA512
138934773d669a60900a82ee011f781576dc82275b4c62e696472e1d5890c2b155bf60ecab4eefc1345d4c42fe125078013ee242b8581f28ad735cb288cb1a39
-
SSDEEP
192:uU5z9iLjq2pJk+/qcJklyJOEd8LsWGQwrgAh:3z9AbJH/IwJOs3/QwrgC
Static task
static1
Behavioral task
behavioral1
Sample
a11bd2bde079c17dc7b6793404f812830e99af2883f33ee49c01bc8c85751d50_JC.xll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a11bd2bde079c17dc7b6793404f812830e99af2883f33ee49c01bc8c85751d50_JC.xll
Resource
win10v2004-20230915-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-