General

  • Target

    Shipment_notification.exe

  • Size

    754KB

  • Sample

    230320-s1wv3seb85

  • MD5

    c310a64af890ac32abff89e86cb53a33

  • SHA1

    509cdec4d058011fb55535a936e56d3158f3f05a

  • SHA256

    90e86051c2fb04a3f6fda85273580abca9a9131fb5e32065f620c4410febe1af

  • SHA512

    095334ee039c7c70b5459b16f1e8d66b56cb7847d3769859182ef5764a8fcb6720cddbc20fc7b5a2c87a6ec4141a70b537e59e27f7fd2ff57c0c325e1b803fce

  • SSDEEP

    12288:PIrmYMUnFW/NObV55FbasbtrKnnRy50vHKB0otonixVtd/FmQSBhVa8i6NFJHKoR:PIrUUj5FbfVoy5hB0hnixT9FHI04qooW

Score
7/10

Targets

    • Target

      Shipment_notification.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
