General

  • Target: Cerere de cotatie.xla.xlsx

  • Size: 38KB

  • Sample: 240311-q4nyjacb9z

  • MD5: 558fadb14037e01b78e223e799b568d3

  • SHA1: 43758e1db2bc0fb7fded6ec864ec20973b26251a

  • SHA256: 64020a7a3f5f6c589272f28d727318eb5eb4eb4d41510679cb8134c0325c8fe2

  • SHA512: ddf577683063e86cdcd27d850a4a1b25caa97adc7b31241d164abe5007de7ab74f832551db5a61bd105887a70ee8f7384ee602ffe40c21b8b5fa3ead25f4e254

  • SSDEEP: 768:2yBP0SIN+KncBtECea+bTK6p4Gjtw/tO9vkpjInEzkrFW57vsk60:2689hnIt7eR64twX0nEzksBD60

Score
8/10

Targets

    • Target

      Cerere de cotatie.xla.xlsx

    Score
    8/10
    • Blocklisted process makes network request

    • Abuses OpenXML format to download file from external location

    • Drops file in System32 directory
