Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

Tender Enq...t.xlam

windows7-x64

10

Tender Enq...t.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Tender Enquiry UAE-Oman Railway Link Project.xlam.xlsx

  • Size

    673KB

  • Sample

    231107-swcxeacf76

  • MD5

    6c41c35e408a18d8e2d98eb3df016e87

  • SHA1

    4668e6de0070d0a92c63990099908029e45dd1ab

  • SHA256

    d9d0ce8ddb0663aacfbc594241b9ab4785419baf302563b8b2eb5d2249d963dd

  • SHA512

    db50ac69c927d3a7a2e904e7202a10d46b0fbc2e514444e3a87a44c60ec0380d398d9eda7c9ac239fcf5f2275500c53771a3ce4b8e11fd960849b9140c61c1d9

  • SSDEEP

    12288:HsLFsXoGaZop0qBD5xOQ5A09Fz5eDH/SxJigHkD3D5eeb6p9XjRe:H2sXoNKLNxO94sqzpS3R6v4

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/654/536/original/new_image.jpg?1698957750
exe.dropper

https://uploaddeimagens.com.br/images/004/654/536/original/new_image.jpg?1698957750

Targets

    • Target

      Tender Enquiry UAE-Oman Railway Link Project.xlam.xlsx

    • Size

      673KB

    • MD5

      6c41c35e408a18d8e2d98eb3df016e87

    • SHA1

      4668e6de0070d0a92c63990099908029e45dd1ab

    • SHA256

      d9d0ce8ddb0663aacfbc594241b9ab4785419baf302563b8b2eb5d2249d963dd

    • SHA512

      db50ac69c927d3a7a2e904e7202a10d46b0fbc2e514444e3a87a44c60ec0380d398d9eda7c9ac239fcf5f2275500c53771a3ce4b8e11fd960849b9140c61c1d9

    • SSDEEP

      12288:HsLFsXoGaZop0qBD5xOQ5A09Fz5eDH/SxJigHkD3D5eeb6p9XjRe:H2sXoNKLNxO94sqzpS3R6v4

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks