Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

rechnung_1...05.exe

windows7-x64

7

rechnung_1...05.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    012c6e4c376585d25e49af005a2b8151aa06963e65807fe45187ea7ccb3cd5b3

  • Size

    126KB

  • Sample

    221124-fd4k7aaa86

  • MD5

    11a2eda3f6ba336ce1e0792a12077c66

  • SHA1

    828623adaeec3d31838891af8b1f6ac84f18fa4b

  • SHA256

    012c6e4c376585d25e49af005a2b8151aa06963e65807fe45187ea7ccb3cd5b3

  • SHA512

    248712d537b53417cbb6d23e37f2745e7051aaa9385d4889f333bb48d8edaacc1229d949b8b27e92afdd3b7b4301fc951612e1e66f8bc0ce4355cf829f57a8f4

  • SSDEEP

    3072:tE32P0xKLBStd3jUQdW66THeOO16ogZrss1IyLXfgQ9:t3PgyBqz14TE6dZrbI6v9

Score
7/10
persistence

Malware Config

Targets

    • Target

      rechnung_11_2014_3280000236_telekom_de_002839300002_11_0000352899_000005.exe

    • Size

      176KB

    • MD5

      5095f22cbdd7c59303fb7d670c97afa5

    • SHA1

      35712036e76c5215b512f9ddb73321617387a98c

    • SHA256

      79e4ffae8c0d0abd80d090d5f3465855b25955509e78d0ced3eab4cfa6d43015

    • SHA512

      9c4815c773a1b57c1178056fec3063894869b51af02cca52baf94a8ee1644d90a2b7444951979f15ecf90f718ad920353cf21927e754158580e479ea5106c0fc

    • SSDEEP

      3072:5KzHNmI+9MEJRuOmz1C+cSQStd3jUQdW6OTHeOO16ogZrssN6wc+ga0Mhze:5qHByNJGBC+Cqz14TE6dZr5PQ

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks