General

  • Target

    90b0b5a51f143a5bd4efe22d767dcf1a.zip

  • Size

    11KB

  • Sample

    240903-th7eja1bkn

  • MD5

    1d036b217686578ef683b3c85f2d525c

  • SHA1

    5ee8e4708af68f2a873615f63f0e44764b3c9041

  • SHA256

    8277300c3d809c4afa9996d8f7586c9e293a8256bb8d8a4bb3a4dd21e175391a

  • SHA512

    0f22a7a548740739f79b090e657a95cee88a48c9ecf7013543486ba65a79d8132bec317bc55b2b6feffbd0d06ae23097f34bccd71bdcc326129673002edd70b4

  • SSDEEP

    192:tWH1vHpJke1SnQBpAUnIdF+95xZUP3DPqicdeYk7WL2j69iPxa2BGS5Hecf:tWH1vHkAUuId0iccYk782S+a2BGA

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://dropmb.com/files/cdf12c0670fa3ed12ce20dd7608bfe62.vbs%60

Targets

    • Target

      920f96788d41ba9a43556dfd4cbc1ba9b452dffce5a5b962107d3ffdcd5c7fed

    • Size

      13KB

    • MD5

      90b0b5a51f143a5bd4efe22d767dcf1a

    • SHA1

      1342cb0a36ac8371a9646dbcf9c3b47234002a7e

    • SHA256

      920f96788d41ba9a43556dfd4cbc1ba9b452dffce5a5b962107d3ffdcd5c7fed

    • SHA512

      2200dde2efa608ae89b74c4d041e2e1e44b7f29458d800849655d6670ceb6326a382c497548fcc0fec7613d8c893f306871fbf6b7090bfb4218f8a2590a0f47a

    • SSDEEP

      192:H7UpMcgX6lPfrXpS0hDWOVelKCxxWBWb49hugLIJnHsrbgMS1bTk:H7+McQ6ZTp5WOCKCxoBWmLoabgm

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Deletes itself
