Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.xls
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.xls
Resource
win10v2004-20240226-en
General
-
Target
d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.zip
-
Size
685KB
-
MD5
b66ffb353ad9ebc336ee0f2dec96c883
-
SHA1
b8ac3be528f437ae1f2b420abb8b8bffef79abc3
-
SHA256
16280a0690f0f39e7c2e17005d20bcac64340a2897a2f987bb1a3de1d06b28a5
-
SHA512
d18b52af228bd4cb9db69af8bd84998fe8af49a0d9b35ff5154b83f8c8d08a8d99a93d4f8e9700b48cfbb73aa6839cfb259a5632843bec6839c17aded68eb49e
-
SSDEEP
12288:Z4dfYUzbu9OzWpn/8y+TKCgKP2xVr0vhExhvAGGS9oXYGTt/MUizaN6qNCO:6XEO+/Zj/gvyxheB1izq6qV
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.xls office_macro_on_action -
resource static1/unpack001/d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.xls
Files
-
d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.zip.zip
Password: infected
-
d53533af17c59740a5d3a823c6457074ac934705f41a174790d4edfbaa00fe38.xls.doc .xls windows office2003
ThisDocument
ExtCollection
frmAbout
frmConfigTables
frmEditVariables
frmHelpID
frmMedTraceSettings
frmReqKey
frmReqRea
frmRiskEvaluation
frmUpdateFieldError
mbReqKeyReqRea
mbCommandBar
mbConfigTables
mbCoverPage
WordWrapper
mbCV_RiskEvaluation
mbEditVariables
ViewResetter
mbWindowsAPI
mbGlobalFunctions
mbHelpID
mbFunctions
mbImportData
mbInitDocument
mbReviewReport
mbCV_RiskClass
mbUpdateFields
mbCodeReview
mbNormal
mbReviewReport1
mbMedTraceOutput
mbProperties
mbSortTorAndTorr
mbUncName
mbGlobalDefinitions
mbHelpLinks
mbInsert
mbMenus
mbLandscape