Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

240db31fca...1.xlam

windows7-x64

10

240db31fca...1.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    240db31fca0f94f85b17fe7d3ab4096acc1f7d7902e0d8ef8bec91cb4600eb81.xlsx

  • Size

    617KB

  • Sample

    240812-bezleaxgrk

  • MD5

    ad305741c0274f5e03b82e3064f734ca

  • SHA1

    503def7a04cff86b7e2aedc69cdfe8c02b7e3a6f

  • SHA256

    240db31fca0f94f85b17fe7d3ab4096acc1f7d7902e0d8ef8bec91cb4600eb81

  • SHA512

    46ce5ead793596693f2d73653a216fc9384bcf03933ffafb1ca850ced34e02776ab77adae88d618fca1099e743ffa3817165904a7cc32f2cc3888324d0644549

  • SSDEEP

    12288:82NJM8dx21qVNeT9XV1PQy1MWSAtyPfOSwUnbHJZLT+4fxaJDD7fLNXqxE38c/bP:DH720TwlSy17SRHSUbpZfvf2t3/bBYve

Score
10/10
discoveryexecution

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
exe.dropper

https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg

Targets

    • Target

      240db31fca0f94f85b17fe7d3ab4096acc1f7d7902e0d8ef8bec91cb4600eb81.xlsx

    • Size

      617KB

    • MD5

      ad305741c0274f5e03b82e3064f734ca

    • SHA1

      503def7a04cff86b7e2aedc69cdfe8c02b7e3a6f

    • SHA256

      240db31fca0f94f85b17fe7d3ab4096acc1f7d7902e0d8ef8bec91cb4600eb81

    • SHA512

      46ce5ead793596693f2d73653a216fc9384bcf03933ffafb1ca850ced34e02776ab77adae88d618fca1099e743ffa3817165904a7cc32f2cc3888324d0644549

    • SSDEEP

      12288:82NJM8dx21qVNeT9XV1PQy1MWSAtyPfOSwUnbHJZLT+4fxaJDD7fLNXqxE38c/bP:DH720TwlSy17SRHSUbpZfvf2t3/bBYve

    Score
    10/10
    discoveryexecution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks