Analysis

  • max time kernel
    56s
  • max time network
    57s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    15/08/2024, 21:56

General

  • Target

    069623567e5c8dbd25193aedebbeaefbdac0cf3f8c4a2a9a876ec52879bd682f.xls

  • Size

    59KB

  • MD5

    c70b0884965887cd464d06b3b3f9137d

  • SHA1

    9bde25a79063e3624ba9dc3699713526f3c8b903

  • SHA256

    069623567e5c8dbd25193aedebbeaefbdac0cf3f8c4a2a9a876ec52879bd682f

  • SHA512

    cfa67afae1c00658cd012dd314884475fdd338439ff07cbb9e333cf47fe133a173c80d21eeb3c627c9ca975a958151d88947ef040d197df3a7043409c1ec546a

  • SSDEEP

    768:QF5zihXcDiZXkpteAZWbG//PjGs+za86H:czihcDiy2AL/PjKza86H

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\069623567e5c8dbd25193aedebbeaefbdac0cf3f8c4a2a9a876ec52879bd682f.xls"
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4712

Network

MITRE ATT&CK Enterprise v15

Downloads
