General
Target: 6481edbc725104b15a4ae9e80f11c4a0060a74b5b1bf44d06e20975cd57e580c
Size: 34KB
Sample: 240808-1ye4js1aqn
MD5: 4af847012595949ef564643457cd28db
SHA1: ce3c3db2e749bf63d513e9e640cc5da5c4958a11
SHA256: 6481edbc725104b15a4ae9e80f11c4a0060a74b5b1bf44d06e20975cd57e580c
SHA512: e96f69098896c0e5278c50b227af0b1801d68da606fa18eb7877a1a9be888a0c93b1e3821820a87a0bd0c1e714a063ceb02f000b55fb5c745fac2dba07aa6bdd
SSDEEP: 384:i8LDMT+hA6ymev72NsdHL9eAjrT4wsXf7OrNC/WlknBtG:rDM6O6dev72NsdHL/v4wif76NAW
Behavioral task: behavioral1
Sample: 6481edbc725104b15a4ae9e80f11c4a0060a74b5b1bf44d06e20975cd57e580c.xls
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6481edbc725104b15a4ae9e80f11c4a0060a74b5b1bf44d06e20975cd57e580c.xls
Resource: win10v2004-20240802-en
Malware Config
Extracted
https://tmpfiles.org/dl/10809951/exploit.jpg
Targets
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.

Deletes itself