5080e38aaf9a00af84a5baf06d1eeb1881dd24a389ff719add6b7b650d1ddaea | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

PG_320_MPI...26.xls

windows7-x64

8

PG_320_MPI...26.xls

windows10-2004-x64

1

Sharing

General

Target

PG_320_MPI SRL_20240607_100526.xls
Size

1.0MB
Sample

240723-hbr6gssbnf
MD5

f75d330398f3c1726675357616731264
SHA1

a7fb3d4e0a71bc522df5334d1d2efb92207f1065
SHA256

5080e38aaf9a00af84a5baf06d1eeb1881dd24a389ff719add6b7b650d1ddaea
SHA512

ef036ae3d6b6ba092e2e3cf8f224b0953cc27d35a975b0b22ec28dde9d91754379b16d36fb5736fb74f877d75f57c370cdc9eef9fa7f09af2d253d16d605ac08
SSDEEP

24576:LYIK07NB11N0TCpToIw6Duf+074LHb6yreOXU0DyYP2rKP035S:LhKi/2WtDE74L2yr/9DyGM35S

Score

8^/10

execution

Static task

static1

Behavioral task

behavioral1

Sample

PG_320_MPI SRL_20240607_100526.xls

Resource

win7-20240704-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

PG_320_MPI SRL_20240607_100526.xls

Resource

win10v2004-20240709-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  PG_320_MPI SRL_20240607_100526.xls
- Size
  
  1.0MB
- MD5
  
  f75d330398f3c1726675357616731264
- SHA1
  
  a7fb3d4e0a71bc522df5334d1d2efb92207f1065
- SHA256
  
  5080e38aaf9a00af84a5baf06d1eeb1881dd24a389ff719add6b7b650d1ddaea
- SHA512
  
  ef036ae3d6b6ba092e2e3cf8f224b0953cc27d35a975b0b22ec28dde9d91754379b16d36fb5736fb74f877d75f57c370cdc9eef9fa7f09af2d253d16d605ac08
- SSDEEP
  
  24576:LYIK07NB11N0TCpToIw6Duf+074LHb6yreOXU0DyYP2rKP035S:LhKi/2WtDE74L2yr/9DyGM35S
Score

8^/10

execution
- Blocklisted process makes network request
- Abuses OpenXML format to download file from external location
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy