Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67
-
Size
35KB
-
Sample
240708-z165da1fqb
-
MD5
7f3f985ec7c2739f6670083deda3c625
-
SHA1
ea48dc066138d62012b862874b50d37f64281d3c
-
SHA256
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67
-
SHA512
ad033808ce820074814ebe8f8ab4b7880fe2f027e7668bebaa4c2729f79a8374653f37db4a8735660eab5238acb1a6595a919e1abcb137add63fbf951452eb7b
-
SSDEEP
768:ctvo+uzZk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJYrm2Ucd93:Myk3hbdlylKsgqopeJBWhZFGkE+cL2N1
Behavioral task
behavioral1
Sample
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67.xls
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67.xls
Resource
win10v2004-20240708-en
Malware Config
Extracted
https://raw.githubusercontent.com/enigma0x3/Generate-Macro/master/Generate-Macro.ps1
Targets
-
-
Target
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67
-
Size
35KB
-
MD5
7f3f985ec7c2739f6670083deda3c625
-
SHA1
ea48dc066138d62012b862874b50d37f64281d3c
-
SHA256
000e7212034e2cc42b2c59dceccb614b0916dd0e524cc653ac9591228c7a3d67
-
SHA512
ad033808ce820074814ebe8f8ab4b7880fe2f027e7668bebaa4c2729f79a8374653f37db4a8735660eab5238acb1a6595a919e1abcb137add63fbf951452eb7b
-
SSDEEP
768:ctvo+uzZk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJYrm2Ucd93:Myk3hbdlylKsgqopeJBWhZFGkE+cL2N1
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-