General
-
Target
PURCHASE ORDER- REF QTE-2314329.7z
-
Size
823KB
-
Sample
230526-nte7jafc42
-
MD5
5b64ea805cc0624fd7928c6936556573
-
SHA1
7dd00b40fbe2b7d0316574b03216358c4a06de82
-
SHA256
039abdc271621646e3a6d347f08b7a23223c9e4772a9059d44e0a9d5d0ee01d4
-
SHA512
3ddb30372a56256e0b90d1dbd88aa2a82b56e0971e1d97ef90eb5e6ff57be8049b2f08f9e1eaee1eeddf7e4ef1561e6630427f85abc5d6cf4db6515175d22a6f
-
SSDEEP
12288:Cc44fiz+cteztwC9Jh4bdqSNgjwe+kZj1771y3R7lc1qKdMKHwhb5p5U61pNfa:F4mctUwOgqSNgjwe7ykgyMKkf5UMLC
Static task
static1
Behavioral task
behavioral1
Sample
purchase order.exe
Resource
win7-20230220-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
-
-
Target
purchase order.exe
-
Size
916KB
-
MD5
3f626f64cf5f7196bc812ff1814d95f6
-
SHA1
c7dcf05df40dc04d4f9af38ef7a887ffde68abb5
-
SHA256
f6a82d751b2c63e135488686a43c60f35c2cda54a5599f450d4c123043e3c6b2
-
SHA512
ecf5aca2cfc774557f1170d5ba73115a3240831b2b1bf2c7c43b8dd8b2965450efd7c25ed71b0bb0a7e28931ecb5cd614c1cf5c3fc318ca2c891813983856413
-
SSDEEP
12288:KOCmzZBEP85QaC9JhmbdqSNhjwl+eZj17y1a3RplcyqKdxKHwhj5p5U61aNf:h9BEP83O6qSNhjwtIa2DyxKkf5UMM
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-