Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Outlook_4....23.dll

windows7-x64

1

Outlook_4....23.dll

windows10-2004-x64

1

Outlook_4....64.dll

windows7-x64

7

Outlook_4....64.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c0ab8779a77a35685345f40cb15c794e5789a7215129b53930be356c670305df

  • Size

    15.7MB

  • Sample

    240628-ng3r3azbkj

  • MD5

    1c2261c68f3884c6332f38516275557c

  • SHA1

    919b30f56e551689ecbfed4d0bae6ac353f9c733

  • SHA256

    c0ab8779a77a35685345f40cb15c794e5789a7215129b53930be356c670305df

  • SHA512

    2986d15cd39b8ecf76697250aaad3a4ccff6f18d9be0faec310ebe5bda6cbc6d9e38fc28059de39999b7889a355191bc35e4b6a54ffe317dcfa6e3c643fe405e

  • SSDEEP

    393216:DkgCbhWQ/ecpGkUoI9kV5qhTHMryN4uTk2vnRT2c2c6wChT6w:DklbacwnkV5qJMAJvnRTzSPT6w

Score
7/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      Outlook_4.83.901.0_20231017/outlka23.dll

    • Size

      2.5MB

    • MD5

      9b5cc466186483554a3ee0c4fbd2bee7

    • SHA1

      d4acb4c21fa3e6b3fe3e7bb94cbfcd6af448a350

    • SHA256

      3b21b2dfd7b07d6c8b198e45d81abf8431e514b866707932976a16f15693f1ff

    • SHA512

      458cb1fe705129f828d457e089dd9b022ab4675eeef11792fdcaf4f70da9f439882c29a5dc83bba31f893d2c9bf34c3c49b1437e7b074beeee202eecfda43e0b

    • SSDEEP

      49152:GxtuksqLe7KWFlIyLfRcPZy9GEuPbP053:G5sqLeBIufRcPZU7

    Score
    1/10
    behavioral1behavioral2

    • Target

      Outlook_4.83.901.0_20231017/outlka64.dll

    • Size

      5.9MB

    • MD5

      20dba31f4e211f6bea144a0d2880cc6e

    • SHA1

      cdc90d1742b1a25487c2d3628103f80cfbc1a284

    • SHA256

      2fe16173326ea26ff89df46c061afea8b7bad2b540e8db5bd578f44f85e6933d

    • SHA512

      57885b1e08371fbe1e51e1f614f059437083219fac87c8f1c3c52c911ea205c6a6d09bfb7cc16da247023e2cfb8c4ed5f4f97fd1f3da5d04bd277d305a5a6483

    • SSDEEP

      98304:rfylCoe3XL+0a4Lyx+9QKiuFWJ6pCsbM23XsDM:DWCoe3Ze+t5FWJ6pZbMyc

    Score
    7/10
    persistenceprivilege_escalation

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks