Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

ACH_ depos...34.exe

windows7-x64

7

ACH_ depos...34.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ACH_ deposit _receipt12901234.exe

  • Size

    817KB

  • Sample

    230316-k56xvaab29

  • MD5

    fd42e94e57c66c93fc0a93e514101070

  • SHA1

    3640481f0566252477aff1a98ec7ae9bb6051fed

  • SHA256

    92517d9eb76bab41956c0dddf8160db00210e20b07f1b76a573c193fe5d40bb2

  • SHA512

    f3a577ce8e2f715eebbe7cd69b015dee2d0129be83d4de742231adc226837a0ea7f95ffc989363146cddcafb435a9db24af864f1aca2fa6e35fa6c6eb7cc8d3a

  • SSDEEP

    12288:J2zAi64ekCyyIS1UKeO9fUu3fopFwOZYjJ9rup5no5m/NrGIk7/3SzkZalfyl15O:JyipOZ4JxASz68m0U

Score
7/10
persistence

Malware Config

Targets

    • Target

      ACH_ deposit _receipt12901234.exe

    • Size

      817KB

    • MD5

      fd42e94e57c66c93fc0a93e514101070

    • SHA1

      3640481f0566252477aff1a98ec7ae9bb6051fed

    • SHA256

      92517d9eb76bab41956c0dddf8160db00210e20b07f1b76a573c193fe5d40bb2

    • SHA512

      f3a577ce8e2f715eebbe7cd69b015dee2d0129be83d4de742231adc226837a0ea7f95ffc989363146cddcafb435a9db24af864f1aca2fa6e35fa6c6eb7cc8d3a

    • SSDEEP

      12288:J2zAi64ekCyyIS1UKeO9fUu3fopFwOZYjJ9rup5no5m/NrGIk7/3SzkZalfyl15O:JyipOZ4JxASz68m0U

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks