General
Target: ec431ebefa36dd371f2edb37a503cdff0334977684c33e246c45637b007bc5e8
Size: 28KB
Sample: 240808-1scq8szhll
MD5: 8d4285d6788aa4c6835f66e49dd2f836
SHA1: d5018cce41c252ffba8e9d88674daff6538b2211
SHA256: ec431ebefa36dd371f2edb37a503cdff0334977684c33e246c45637b007bc5e8
SHA512: 71de11a96ed9e4d961febe6cb6a3dce62672eedb3d52367bd10c6110e24f56813acffb756c6c9f8318ee7fed49defdbb2ce64b320cf183648b9eb1feeebcc38d
SSDEEP: 384:i8LDTMTyvA6ymevF2NsdHLbeAj64wsXf7OrNbn/WlRABE:rDTMeY6devF2NsdHLd64wif76N7Wln
Behavioral task: behavioral1
Sample: ec431ebefa36dd371f2edb37a503cdff0334977684c33e246c45637b007bc5e8.xls
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: ec431ebefa36dd371f2edb37a503cdff0334977684c33e246c45637b007bc5e8.xls
Resource: win10v2004-20240802-en
Malware Config
Extracted
https://tmpfiles.org/dl/10813794/exploit.jpg
Targets
Score: 10/10
Process spawned unexpected child process. This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request.
Office macro that triggers on suspicious action. Office document macro which triggers in special circumstances - often malicious.
Deletes itself.