General

  • Target

    Halkbank.pdf.exe

  • Size

    720KB

  • Sample

    230522-qxdtzsbe3z

  • MD5

    da69ec614d0d3885c5a88cac8a75facd

  • SHA1

    19508ae57240da4c9b69ed9bee3d74a4db6d4fe0

  • SHA256

    1e2470cf5042f4ff269c98c7a33dd27ca36ddeed91d9fb18df591f40a2d18131

  • SHA512

    00c456ef068b3f93a26a9b983f72ebbe1a98833eefec8571286aa1968ad5b34bad947d3f9647df53edbe13ccee7847890153523c7f9e4f8383e9311fe3fe0e49

  • SSDEEP

    12288:yvV+s1bSQT6tjjdB4Y08uQcdcU00f2WCYO+DDQ6ZI7XpiKdPhBxz0AwPg3BqPPw4:ytCvuLf2YOjKI7kKhhBWA0IqPtfGH5er

Score
7/10

Targets

    • Target

      Halkbank.pdf.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext
