General
-
Target
d42ff478f1996a591e02f59a41edda8aee486e9523c14bce04be51cb457cc6e6.xlsx
-
Size
1.1MB
-
Sample
241107-dt5gbatkhz
-
MD5
9b8d94907c2db1b8ae9ebf84b2099c16
-
SHA1
d543e02897263288f2b2a65d7070757d99fed8ff
-
SHA256
d42ff478f1996a591e02f59a41edda8aee486e9523c14bce04be51cb457cc6e6
-
SHA512
cc8d24cee7a41c7cc2ddab9cd5d7ae6b245dcd90fee8b5de1d4001dae83e7c43d3cbd474bc1c4f89fa9ec903d26de680630d8b064328f07b3a04cf827182a972
-
SSDEEP
24576:1yaZxvseowaDI9eqvBw2LyifZSScF1LelExbgwCcH0p1O4uGqdzkxTm:1T0DIRvBwCv0xF1L3MwCA4uIx
Static task
static1
Behavioral task
behavioral1
Sample
d42ff478f1996a591e02f59a41edda8aee486e9523c14bce04be51cb457cc6e6.xls
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
d42ff478f1996a591e02f59a41edda8aee486e9523c14bce04be51cb457cc6e6.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=1UyHqwrnXClKBJ3j63Ll1t2StVgGxbSt0
Targets
-
-
Target
d42ff478f1996a591e02f59a41edda8aee486e9523c14bce04be51cb457cc6e6.xlsx
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Evasion via Device Credential Deployment
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-