Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

6d276507dd...8.xlsm

windows7-x64

3

6d276507dd...8.xlsm

windows10-2004-x64

1

Analysis

  • max time kernel
    46s
  • max time network
    36s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/08/2024, 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6d276507dd892c8da37be040e222b700b1dd02f920f656779109669e89eceae8.xlsm

  • Size

    92KB

  • MD5

    5519337c9a9586c972d9163b0c625e79

  • SHA1

    73452f23e830587ae643e75cf78b856744a18b53

  • SHA256

    6d276507dd892c8da37be040e222b700b1dd02f920f656779109669e89eceae8

  • SHA512

    fffeeb4f5243979436b04616fb9d1fd3e725c5a4fa980e0ba028363609e870eba3e0f023a66135fa76f6b634993693ee433f8c34cf9b227bf5c9f1b31f960107

  • SSDEEP

    1536:CguZCa6S5khUItU1o8K4znOSjhLqxMUH9Ga/M1NIpPkUlB7583fjncFYIIANFn:CgugapkhlJ8KaPjpqxvD/Ms8ULavLcP

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\6d276507dd892c8da37be040e222b700b1dd02f920f656779109669e89eceae8.xlsm"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b8ab77100df80ab2.customDestinations-ms
    Filesize

    1KB

    MD5

    d6f9769c6ed9b28430b360e9ed0ef8e6

    SHA1

    3da10556ed5d22f67283dadeb3355e64e53c057c

    SHA256

    a206bf925e62240f19b5d0f4c316cbf8ad63399d9b599051d3d9ef057eb3a5a3

    SHA512

    6e2e49cef055053dd766c6bd20850f31465397092ed2f90699196ef0efbc3184eec574c51ba8c018254081a5533cd8fbfdab474d12f47ec838c5dc8963fbe978

    Download Submit

  • memory/4320-11-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-14-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-3-0x00007FFBE838D000-0x00007FFBE838E000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4320-0-0x00007FFBA8370000-0x00007FFBA8380000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-7-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-8-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-9-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-16-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-2-0x00007FFBA8370000-0x00007FFBA8380000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-12-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-4-0x00007FFBA8370000-0x00007FFBA8380000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-15-0x00007FFBA5CA0000-0x00007FFBA5CB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-13-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-18-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-19-0x00007FFBA5CA0000-0x00007FFBA5CB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-17-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-10-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-6-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-5-0x00007FFBA8370000-0x00007FFBA8380000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4320-64-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-153-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-154-0x00007FFBE82F0000-0x00007FFBE84E5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4320-1-0x00007FFBA8370000-0x00007FFBA8380000-memory.dmp

    Filesize

    64KB

    Download