General

  • Target

    ACH_ deposit _receipt12901234.exe

  • Size

    817KB

  • Sample

    230316-k56xvaab29

  • MD5

    fd42e94e57c66c93fc0a93e514101070

  • SHA1

    3640481f0566252477aff1a98ec7ae9bb6051fed

  • SHA256

    92517d9eb76bab41956c0dddf8160db00210e20b07f1b76a573c193fe5d40bb2

  • SHA512

    f3a577ce8e2f715eebbe7cd69b015dee2d0129be83d4de742231adc226837a0ea7f95ffc989363146cddcafb435a9db24af864f1aca2fa6e35fa6c6eb7cc8d3a

  • SSDEEP

    12288:J2zAi64ekCyyIS1UKeO9fUu3fopFwOZYjJ9rup5no5m/NrGIk7/3SzkZalfyl15O:JyipOZ4JxASz68m0U

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks