General
Target: Credit confirmation.xls
Size: 457KB
Sample: 240510-jlz5hsed94
MD5: 03b89a4337a09bc5d200b16ef43c8ec6
SHA1: e8154021f60ce06b321259df461e9bbfa468f345
SHA256: 121b5365768697cce30074b9097cccecced51feb5f991d89574cb8f0626c4804
SHA512: 337a96b68af23dbb07a0a22b82733f07a2b024ef4250326ed043528ea4b4ede82d9e1d873943487d73c185e5d47d6540a920682cfbbe8bd0c5ce7106b55e0b2d
SSDEEP: 6144:ZZ+RwPONXoRjDhIcp0fDlavx+W26nAamxDun9zvCp4sJgXDHBMixiMK6G+ZFrTe2:kxu9bCfgXjpozwjTyYviDGnlQBs9zek
Static task: static1
Behavioral task: behavioral1
Sample: Credit confirmation.xls
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: Credit confirmation.xls
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: Credit confirmation.xls
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Abuses OpenXML format to download file from external location
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext