Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

rechnung_v...30.exe

windows7-x64

7

rechnung_v...30.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3455ea0c2f61b131c7a99860da2b1c3947f8b4cc1f959214f1c792bf6dff98bd

  • Size

    123KB

  • Sample

    221127-tvsf5sbd24

  • MD5

    eb0a8161ec0c04514bf680867b163a8e

  • SHA1

    b45c267f24d3bc1de64ea81d2a3895d9a15718dc

  • SHA256

    3455ea0c2f61b131c7a99860da2b1c3947f8b4cc1f959214f1c792bf6dff98bd

  • SHA512

    cd0f990db33730e9cc523fdc55bd76c207772c9eb7cbd2bd4f5f24c9c6b99d2385c994d530d4646c5e8abea4a0f9964c4b9b52bc01fe4bd2d6d52588cd62b63a

  • SSDEEP

    3072:pSRI3CNStqwGr/d4eXsy3cvf5ftCC6ofPHPK5dTLiwCOv8G7BVgiS1DI:kI3CEqwe4GZcXgonPKLF8CYiSe

Score
7/10
persistence

Malware Config

Targets

    • Target

      rechnung_vodafone_de_2014_11_930370025_023870007_11_de_0000003837_888830.exe

    • Size

      172KB

    • MD5

      3d83c8e629e7a271448568b4edf53627

    • SHA1

      28f376dbfb54f68fa87dbb20255574cc1fa9f63e

    • SHA256

      b5281c0c00bdc0ebde811cb4ae7458eefd4c4add80eb4d8ef3e4a90280b06133

    • SHA512

      b68333badf1c5147e11cd1c0299732eda31268bbc690521beb1304370b007dc9cc786033d0c6e332d42d2ac90699c49e1fdd832a603b03b7f26d0fe36092fbb0

    • SSDEEP

      3072:Aac0KMWBexMF+4eXsy3cvf5ftCC6ofPBPK5dTLiwCOv8G7PAPplKrrz:AbKXxI+4GZcXgohPKLF8Coh

    Score
    7/10
    persistence

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks