General
Target: f3ca53807f32ccbc241ce2b92d7ab0727cfdf45e3fd88b9e3ac9a063f0aff086.xlsx
Size: 736KB
Sample: 241013-cdz18axfnn
MD5: 7c34b23b4b7cb66c2393128c3f55a0e1
SHA1: 2cf918f985476c7d3988b7d2ac530d32c59de12d
SHA256: f3ca53807f32ccbc241ce2b92d7ab0727cfdf45e3fd88b9e3ac9a063f0aff086
SHA512: cd2d8d1f2e3accb677bed9be2a335253240458babedb514d88f31e980ed2740ebe586463fecf06ce5e3670ac430b1c54faf48732d29a98abeca28dae9daf537b
SSDEEP: 12288:4gDGK/3uJ3WSZvFsxoHXYo1NmcCYlnjeRKZLImngMVTGckDI:jqKg35DHoojmcCEnjeyLImnLVTv
Static task: static1
Behavioral task: behavioral1
  Sample: f3ca53807f32ccbc241ce2b92d7ab0727cfdf45e3fd88b9e3ac9a063f0aff086.xlam
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: f3ca53807f32ccbc241ce2b92d7ab0727cfdf45e3fd88b9e3ac9a063f0aff086.xlam
  Resource: win10v2004-20241007-en
Malware Config
Extracted
https://raw.githubusercontent.com/CryptersAndToolsOficial/ZIP/refs/heads/main/DetahNote_V.jpg%20
Targets
Target
f3ca53807f32ccbc241ce2b92d7ab0727cfdf45e3fd88b9e3ac9a063f0aff086.xlsx
Blocklisted process makes network request
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory