General
-
Target
Posible_phish2.msg
-
Size
74KB
-
Sample
240806-yfh2dascka
-
MD5
9aaaef2ad7e5ac10800260768d1e7b73
-
SHA1
3197b5bacd5d2ee1b3bd0dfc85d72587be3db67f
-
SHA256
45690eb3c123c36b7ab89e31b8d1a36c5862b57f782904cada4dec8b980d02af
-
SHA512
b374c0a2378b32e91a7bf7a29054f1859a25a27ca5ac1bed9f2b6819d628faec842ab130e3cac4215ed998221ff64ebe90e1a223cfbea6f466829c15282559ba
-
SSDEEP
1536:omi6QU+pCxHWzfGh7+46qqm2WdWe2B1WLcw8buAG:omipU32B1WLcwWu
Static task
static1
Behavioral task
behavioral1
Sample
Inv-219538.html
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
Inv-219538.html
-
Size
1KB
-
MD5
d2c58680078d63f3e37c529ab6a25e14
-
SHA1
dd281da25eaac82c264a18b07aca1a431f3cafa8
-
SHA256
469bee8515910670d8fc028bf9cc575036f000bf5d49a90e0245c1bebcaebd53
-
SHA512
ead1dda7469a4a0faa6abfcf73d4ef2ba2a79b2222f258b1c0676d948c873e3c3516f4da834a3b138ffc516b73e4d61e0e7b7ec1e8eef9b61997cd64a3012575
Score
6/10
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
System Binary Proxy Execution: Verclsid
Adversaries may abuse Verclsid to proxy execution of malicious code.
-