General
Target: NEAS.2672783b07d4a03225cd11b484092db5792617647ba2f3ac4b447e22a9d0ed16xlsx_JC.xls
Size: 220KB
Sample: 231023-t3qbracc55
MD5: 15c921cb2dac8d0ee2ca4fbe7f7c0989
SHA1: 18bbe85e71bc15b10da55f70796ac86bd75936d9
SHA256: 2672783b07d4a03225cd11b484092db5792617647ba2f3ac4b447e22a9d0ed16
SHA512: 6000006878ddf4446602606e85f2aa958b3952c1e109f85651b1254018faac844841418fb3f0bd951693aa5e6867e89997fe070785aed857566d4b93e60365ce
SSDEEP: 6144:9Y35qAOJl/YrLYz+WrNhZF+E+fgL+0dD8ivSbVqfMIkoR0/WU/6FG07W:E3bVqfMIkoR0wG07W
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.2672783b07d4a03225cd11b484092db5792617647ba2f3ac4b447e22a9d0ed16xlsx_JC.xls
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.2672783b07d4a03225cd11b484092db5792617647ba2f3ac4b447e22a9d0ed16xlsx_JC.xls
Resource: win10v2004-20231020-en
Malware Config
Extracted
https://imageupload.io/ib/ws8MAJ6eptiLfGu_1697738492.jpg
Targets
Target: NEAS.2672783b07d4a03225cd11b484092db5792617647ba2f3ac4b447e22a9d0ed16xlsx_JC.xls
- Detect ZGRat V1
- Blocklisted process makes network request
- Abuses OpenXML format to download file from external location
- Drops file in System32 directory