Analysis
- max time kernel: 1s
- max time network: 127s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
- submitted: 31/12/2023, 03:07
Behavioral task
behavioral1
Sample
25c08e69b652db4a4a705be2e7632d65.doc
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
25c08e69b652db4a4a705be2e7632d65.doc
Resource
win10v2004-20231215-en
General
- Target: 25c08e69b652db4a4a705be2e7632d65.doc
- Size: 35KB
- MD5: 25c08e69b652db4a4a705be2e7632d65
- SHA1: e8cb54c08c18478064cc48b5c9a3ad03b7cc51a3
- SHA256: 4baf2c2588b59a2bb7c88a241ce17f88fddb6fb0517bac232d8843ba2d6f7c65
- SHA512: 7e4cbe3a2400fb96f3fd3264ad946b62eb8393d9354a1b2ac9279ee87a2054faf9e084b7094cab4b08dd8f6ceec9b1ebd13297bd6681cc863d97155ba321fa2a
- SSDEEP: 384:wgKilneYqnw5V0YeGD0e0UqZ+EvuC4Tv2bGujA7tq9tD:wgLeYqcGdq0ebEvuC1W7wb
Malware Config
Signatures

| description | ioc | Process |
| --- | --- | --- |
| Set value (str) | \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar\ShowDiscussionButton = "Yes" | WINWORD.EXE |
| Key created | \REGISTRY\USER\S-1-5-21-928733405-3780110381-2966456290-1000\Software\Microsoft\Internet Explorer\Toolbar | WINWORD.EXE |
Processes
- C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
  "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\25c08e69b652db4a4a705be2e7632d65.doc"
  PID:1244
  Modifies Internet Explorer settings
  - C:\Windows\splwow64.exe
    C:\Windows\splwow64.exe 12288
    PID:2688
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 20KB
- MD5: 83d4ff4b79d186e221f38100c9e02921
- SHA1: b8be0e6bdaeddf6dfd01e50bcedc7b501ba156df
- SHA256: 29b2015765c4aeb05d64ae878b7eb665c115148f9babfd42b0bec80c9eebf8c5
- SHA512: 7eaa9aeaf65c737c3ac1b5c9bf1d83b85027d598578f6840b265b820e2cc7d36d9644dda9892713331c8501ec8980f95ffee87be3b4603fbe80245acd54f35fd