General

  • Target

    ORDER10093683PDF.exe

  • Size

    848KB

  • Sample

    200708-bb9m51v9dj

  • MD5

    f2b299ac8cfc7645f338fb781543169d

  • SHA1

    bd5bcc574cc039fcdbe5f20f6d92ed47a7b30d83

  • SHA256

    d923da79eb17e91ec59943ffa1c7eff0d340fc25dbc51b439d7c6ee4168b08b7

  • SHA512

    d015d38437a6a2a0b50978ed083a774b27a76f6289343c40731eb37d02bcc8f09a4222a4b7959c5dd93449be00c95e078c942dd03cc30e55c191eafbcc4496aa

Score
7/10

Malware Config

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar secrets.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6