Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

dfe11b83da...4f.doc

windows7-x64

10

dfe11b83da...4f.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfe11b83da7c4dc02ff7675d086ff7ddd97fec71c62cc96f1a391f574bec6b4f

  • Size

    34KB

  • Sample

    240410-rvzt4sbc37

  • MD5

    12840e2c8a5f378153d9eaea226c592b

  • SHA1

    a6cfa25e5a9eb7fca97b19b2f5b8003ed7c7aaae

  • SHA256

    dfe11b83da7c4dc02ff7675d086ff7ddd97fec71c62cc96f1a391f574bec6b4f

  • SHA512

    d5c07898f3d313a12a38bc730543a33b68d73786a1f798fa0b9277ba324b14ec5833a2f06bbef6c562b964d664c7fcc3beec245add1e8c2437418c5f2a89e84d

  • SSDEEP

    384:tUMbR2efiSUR/8dBQfq9uVJQSwy9y0jbUDIotCW:tUMbR2l/qmJ1wLQUD

Score
10/10
macromacro_on_action

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://1833.site/gp00973.exe

Targets

    • Target

      dfe11b83da7c4dc02ff7675d086ff7ddd97fec71c62cc96f1a391f574bec6b4f

    • Size

      34KB

    • MD5

      12840e2c8a5f378153d9eaea226c592b

    • SHA1

      a6cfa25e5a9eb7fca97b19b2f5b8003ed7c7aaae

    • SHA256

      dfe11b83da7c4dc02ff7675d086ff7ddd97fec71c62cc96f1a391f574bec6b4f

    • SHA512

      d5c07898f3d313a12a38bc730543a33b68d73786a1f798fa0b9277ba324b14ec5833a2f06bbef6c562b964d664c7fcc3beec245add1e8c2437418c5f2a89e84d

    • SSDEEP

      384:tUMbR2efiSUR/8dBQfq9uVJQSwy9y0jbUDIotCW:tUMbR2l/qmJ1wLQUD

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks