Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
parckingList -Invoic00 BLpdf00.r00
-
Size
597KB
-
Sample
230515-25w63sae77
-
MD5
3aed0e1a5d6b9ea0399ce86cc787b392
-
SHA1
cb7e064f3de7f4bd7f98a4ead0d354266bb12148
-
SHA256
e19a66397a3a9196cf62d9ece12634289a39ad93c6772deb64bbcb487077aa64
-
SHA512
2406c6e04863fffe2361a51dba13d1190d9eea1c3be1de8d432f374bf7a628a35b51a2de0c6fb7269a2add8e7542bf8ffe1ee265ebd4ba5cd0c4596230e7c37e
-
SSDEEP
12288:0R/dTfiz/plPh/GuLSc9sLg0AlAoQHjNf+fGSQVfyo3uD5oDETjkc:0RtfizxNhOu5sunkRfQuhbIjkc
Static task
static1
Behavioral task
behavioral1
Sample
packing list -Invoic BL.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
packing list -Invoic BL.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
packing list -Invoic BL.exe
-
Size
861KB
-
MD5
973a0f17d8d87e9cc13e3f326a81a131
-
SHA1
8ed65338fe577207d0c655a1d819bba12859bde0
-
SHA256
4d9d3571a9694b594e2be0b578c92ace288b1446aa514b5d0606f2809783e6f5
-
SHA512
2179993bd49fdd1d6f9ce2ccae9ec23c902709c458a5577296208231d1403543d96932910e8cf542257d85247a61b55bb0cae821597f7bda6fa8362472323565
-
SSDEEP
12288:rbysS3nxU8r6chUCGOEodiRf3bbxtkOS34UuHee60P:r4y8rBVGOEI6fbkO4Ic0P
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-