General

  • Target

    invoice00232____________________________________________________________________________________________________________________pdf.zip

  • Size

    9KB

  • Sample

    220916-pcx7fsbdgp

  • MD5

    2932980c84fa134feb1a601983f6fecf

  • SHA1

    07623610a4cc026aa5e3ba967626d67bb5b86a57

  • SHA256

    e94a1d46afd9738b1f200ff2d221c74d236dcbf954383466dbe95ba3c4f6100d

  • SHA512

    f510c1d2f170ed3bb4310f6760ba8c0212578f167f4d57f467321b333f630f89b74e22c678c6ddf092c9bdb62f2e7c61ca77fd01d86ce94e3d71e7a149cc5aba

  • SSDEEP

    192:bSNOjkgFgrmgyPqdtgLjHjH14g/Nc19g7VnT6TLYBTzszq:bUOjk1rt8jH1tugVTft

Score
7/10

Targets

    • Target

      invoice00232____________________________________________________________________________________________________________________pdf.exe

    • Size

      16KB

    • MD5

      6ba67836488da9a76d8f7c67d3576f71

    • SHA1

      169c3232cbbe5fee27ce6b1e26706ce6dc7dc350

    • SHA256

      1a9ea07853428a1bab8418690e5cf45044f16657f5f7ab7ff8dbd0c6f13fac92

    • SHA512

      6ff0a168ac8e8e399af447b09a2e600521f84e7a5579d51abe47241a0fe96801f47edd6a6b2138428e1bbac4e46fc29f49a25712eb0a6ab2e260cdabe5cb4c03

    • SSDEEP

      384:U2iTgTYyU/m1V0U+awNWaNLXJS1zqa0FMbRvWG6L6:UZTgTYyoaV0U9e542TM1+G26

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
