General

  • Target

    0fbd66a1b68ea45b9b416e5bb3721e24.xlsx

  • Size

    158KB

  • Sample

    240101-ym5tqabdh8

  • MD5

    0fbd66a1b68ea45b9b416e5bb3721e24

  • SHA1

    2b5071c21cf043030a15cf959609403c1102a17d

  • SHA256

    33005241b5867cf89969cf4980a1901cdda48fc967297d85f68e6417eafc0e11

  • SHA512

    c4cc908f616573dcfd2de06cd72445e1d58484d8e027d60b2a5d06d7dffe717110c2aeaf08c8ceda6a0801ba1cc26562961e0313a05f0a5bb5d596b356088852

  • SSDEEP

    3072:9HlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:9FTkeGKdxVyWxfMU3liWA6FsYq

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://biopaten.no/xeBP8Oj5/gg.html

xlm40.dropper

https://beartoothkawasaki.com/QJT19jhtwHt/gg.html

Targets

    • Target

      0fbd66a1b68ea45b9b416e5bb3721e24.xlsx

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
