Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

20240506_12082.xls

windows7-x64

10

20240506_12082.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20240506_12082.xls

  • Size

    310KB

  • Sample

    240701-l2sfqavepe

  • MD5

    82867f01d83d7b77d04e3c6e78d15be5

  • SHA1

    78028bb5558df37006e71b5d783fec631249731a

  • SHA256

    33234512d5289f9bfee04f9b1186805430af2caafe29a6a17be45bed3f5b12da

  • SHA512

    ad0dd12169a0e256017c337179494548b071d0a509afe17d0ff985a4a669147b9f141eafe00a3d8f8cf16dd3c75c5ca34ed67e1135eef2c4cbecf9f79a656b0c

  • SSDEEP

    6144:nqFzL5LIT47HSmC/EHmxS6hBBBqzfGgx8vXJsk3CCAz1t6oimIQ:nqFzu4LSm9HWScfsrGgx8veICCAzyoia

Score
10/10
execution

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/805/740/original/vbs.jpg?1719582739
exe.dropper

https://uploaddeimagens.com.br/images/004/805/740/original/vbs.jpg?1719582739

Targets

    • Target

      20240506_12082.xls

    • Size

      310KB

    • MD5

      82867f01d83d7b77d04e3c6e78d15be5

    • SHA1

      78028bb5558df37006e71b5d783fec631249731a

    • SHA256

      33234512d5289f9bfee04f9b1186805430af2caafe29a6a17be45bed3f5b12da

    • SHA512

      ad0dd12169a0e256017c337179494548b071d0a509afe17d0ff985a4a669147b9f141eafe00a3d8f8cf16dd3c75c5ca34ed67e1135eef2c4cbecf9f79a656b0c

    • SSDEEP

      6144:nqFzL5LIT47HSmC/EHmxS6hBBBqzfGgx8vXJsk3CCAz1t6oimIQ:nqFzu4LSm9HWScfsrGgx8veICCAzyoia

    Score
    10/10
    execution

    • Blocklisted process makes network request

    • Abuses OpenXML format to download file from external location

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks