8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

8d131fafbc...b6.xls

windows7-x64

8

8d131fafbc...b6.xls

windows10-2004-x64

1

Sharing

General

Target

8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6.xlsx
Size

332KB
Sample

240224-ktg5cafh5v
MD5

77d965dd6195cc14fbfdbbbf7a86b7ba
SHA1

7e796af62e94214f14a7630abfba485187b3c7de
SHA256

8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6
SHA512

4b44d491fd706b8ab1d748d6689c58f9b2cc752990146cc696d3239b135dbc04495b54725e0ebfeea4d3d8f0d84cc3efa4872a473b1c171fcacbfb95eda1e0f3
SSDEEP

6144:FVqYskzvCp4sJgDF1bqGHBMixiMK6G+ZFrTLOCii/D8Ug5PXYy9:FMYxbCfgD/bqEpozwjTLOC7D8DX

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6.xls

Resource

win7-20240220-en

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6.xls

Resource

win10v2004-20240221-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6.xlsx
- Size
  
  332KB
- MD5
  
  77d965dd6195cc14fbfdbbbf7a86b7ba
- SHA1
  
  7e796af62e94214f14a7630abfba485187b3c7de
- SHA256
  
  8d131fafbcc174ab6d33a73b0e7cbb72060a403cac403234578acfa762cef7b6
- SHA512
  
  4b44d491fd706b8ab1d748d6689c58f9b2cc752990146cc696d3239b135dbc04495b54725e0ebfeea4d3d8f0d84cc3efa4872a473b1c171fcacbfb95eda1e0f3
- SSDEEP
  
  6144:FVqYskzvCp4sJgDF1bqGHBMixiMK6G+ZFrTLOCii/D8Ug5PXYy9:FMYxbCfgD/bqEpozwjTLOC7D8DX
Score

8^/10
- Blocklisted process makes network request
- Abuses OpenXML format to download file from external location
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy