618377f7b0c9c5f788d3ac58841c32ac321b5d759d67c68e6b661550cfa81760 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

2009faa4ef...37.doc

windows7-x64

1

2009faa4ef...37.doc

windows10-2004-x64

1

decrypted.xlsx

windows7-x64

8

decrypted.xlsx

windows10-2004-x64

1

Sharing

General

Target

2009faa4eff7371b148594eb3687da37
Size

1.3MB
Sample

231225-bp9t5ahbap
MD5

2009faa4eff7371b148594eb3687da37
SHA1

4a0d0e522ba9e7503298e3be55fa23b53c0e60bc
SHA256

618377f7b0c9c5f788d3ac58841c32ac321b5d759d67c68e6b661550cfa81760
SHA512

7f0ed88cc562bf337fa514794bb6e6c2b7314ee37e2843104ef895e7d322835f258462599fb2864879353274b4e8bf9fc245e1b88339f08fe6c65fa6b981964d
SSDEEP

24576:8CHacfoiu735lqnonawMkbNfOEZq/veTWDC4qjX8Ci:b3oN735lwonawMeKU7XM

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

2009faa4eff7371b148594eb3687da37.doc

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

2009faa4eff7371b148594eb3687da37.doc

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

decrypted.xlsx

Resource

win7-20231215-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral4

Sample

decrypted.xlsx

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2009faa4eff7371b148594eb3687da37
- Size
  
  1.3MB
- MD5
  
  2009faa4eff7371b148594eb3687da37
- SHA1
  
  4a0d0e522ba9e7503298e3be55fa23b53c0e60bc
- SHA256
  
  618377f7b0c9c5f788d3ac58841c32ac321b5d759d67c68e6b661550cfa81760
- SHA512
  
  7f0ed88cc562bf337fa514794bb6e6c2b7314ee37e2843104ef895e7d322835f258462599fb2864879353274b4e8bf9fc245e1b88339f08fe6c65fa6b981964d
- SSDEEP
  
  24576:8CHacfoiu735lqnonawMkbNfOEZq/veTWDC4qjX8Ci:b3oN735lwonawMeKU7XM
Score

1^/10
behavioral1 behavioral2
- Target
  
  decrypted
- Size
  
  1.2MB
- MD5
  
  4c942f8f3b2d89699d7d266294cbbc3a
- SHA1
  
  7fbd824cf010ce2e0e0dff8a67e0f5ab1a6595e4
- SHA256
  
  2c6eccc057782d6e6b390e306e50056683553540d34e7a187a4c407944618efc
- SHA512
  
  eefa6131e31534aace66e0d91283be16137b0153b53e9d529359b501d8fa553840edfd89a2b9b43b54f3c042d8494d816edb18c43b37888eb6e54440a3f44987
- SSDEEP
  
  24576:S0uqq0ya++dvdXXXXXXXXXXXXUXXXXXXXXXXXXXXXXHbNQePz+ikEc9IMA1zguMz:oNa++YbN5b+ikfN2sFHeTuLOg3np
Score

8^/10
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2025

Terms | Privacy