General

  • Target

    New Order-PO # 6330001438 - AL SAHOO.zip

  • Size

    609KB

  • Sample

    230605-tmekbahe55

  • MD5

    a05d2de50a21ba0f7644470ed75e197b

  • SHA1

    eafa85b0158b33444305a8d4a429efb3d601286f

  • SHA256

    ae1a30232dd94e529bb4ee7c5813b855324574374f2d2acabf9cbeb43dd6a734

  • SHA512

    d1100e5c48c6596447158df682033a770c9352a27f7bf8b9718030beb3e49802a1737b9b24f44af43a74d08b43f20a9ddd800b202c430bab45bd35b1ef0142f4

  • SSDEEP

    12288:iaoNmtunzubWMDr+dc6h6XeJIbyWCMx8NB1Fn3QfCBESgJTpVhMxnGsGwFb:iaoNYzlDr+jh6OSbTOhDgJtsGsGwl

Score
7/10

Malware Config

Targets

    • Target

      New Order-PO # 6330001438 - AL SAHOO .xlx.exe

    • Size

      824KB

    • MD5

      7dd859fde650cb61302ae72bc94a27a0

    • SHA1

      2a42814b404e0e25c48726c4fef0f6758c875ffe

    • SHA256

      6b5dd535e0c7585720c6710edefc8fc601f56ffa2510994fb4b55a78adb6c145

    • SHA512

      f50c76ee1602ade4504eb286c6d811f11ffc559d76f31d5a67725091d6706405c22e012ec8a83fe84346b59dc61d90bc10ea0700e1a568c34d88fcfd6c3f823a

    • SSDEEP

      12288:BYfdstPplTY6RhKuT10bcMDPAdYOMSsB8YryWkFB1FClCzESgJTl1houNEIdu:BSsJTDEJfDPA6OMBTrYPfJgJRZNEIdu

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence (the sample decides whether to run based on the victim's locale).

    • Suspicious use of SetThreadContext

      SetThreadContext is typically used to redirect a suspended thread's execution into injected code, a hallmark of process hollowing and similar code-injection techniques.
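The hashes above are the indicators a defender would pull from this report, and the payload name shows the lure: ".xlx.exe" ends in an executable extension but is meant to read as a spreadsheet, and Windows Explorer hides known extensions by default, so the file displays as "... .xlx". The Python below is an added example, not tria.ge code or the malware's own logic: it hashes a ZIP and every stored member, looks each digest up in the report's MD5/SHA1/SHA256 values, and flags deceptive double extensions. The sample archive is constructed inline with inert placeholder bytes (so it will not match the IOCs), and the extension sets used by the heuristic are assumptions chosen for this example.

```python
"""IOC and lure-name check for the archive described in the report above.
Added example; not code from tria.ge or from the sample."""
import hashlib
import io
import zipfile

ARCHIVE_NAME = "New Order-PO # 6330001438 - AL SAHOO.zip"
PAYLOAD_NAME = "New Order-PO # 6330001438 - AL SAHOO .xlx.exe"

# Hash indicators copied from the report above, keyed by algorithm.
REPORT_IOCS = {
    "md5": {
        "a05d2de50a21ba0f7644470ed75e197b": ARCHIVE_NAME,
        "7dd859fde650cb61302ae72bc94a27a0": PAYLOAD_NAME,
    },
    "sha1": {
        "eafa85b0158b33444305a8d4a429efb3d601286f": ARCHIVE_NAME,
        "2a42814b404e0e25c48726c4fef0f6758c875ffe": PAYLOAD_NAME,
    },
    "sha256": {
        "ae1a30232dd94e529bb4ee7c5813b855324574374f2d2acabf9cbeb43dd6a734": ARCHIVE_NAME,
        "6b5dd535e0c7585720c6710edefc8fc601f56ffa2510994fb4b55a78adb6c145": PAYLOAD_NAME,
    },
}

# Final extensions Windows will execute. Assumed list for this heuristic,
# not taken from the report.
EXECUTABLE_EXT = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "jse", "vbs", "wsf", "hta"}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def match_iocs(data: bytes):
    """Return {'algorithm', 'digest', 'name'} for the first report hash that
    matches the data, or None if no indicator matches."""
    for algo, table in REPORT_IOCS.items():
        digest = hashlib.new(algo, data).hexdigest()
        if digest in table:
            return {"algorithm": algo, "digest": digest, "name": table[digest]}
    return None


def deceptive_double_extension(name: str) -> bool:
    """True for names like 'invoice.pdf.exe' or 'order .xlx.exe': an executable
    final extension preceded by a short, letters-only pseudo-extension that
    imitates a document type. Explorer hides known extensions by default, so
    such a file is shown to the user as 'order .xlx'."""
    parts = name.lower().rsplit(".", 2)
    if len(parts) < 3:
        return False
    _, inner, outer = parts
    return outer in EXECUTABLE_EXT and 1 <= len(inner) <= 5 and inner.isalpha()


def check_archive(zip_bytes: bytes) -> dict:
    """Hash the archive and each stored member, look the hashes up in the
    report's indicators, and flag deceptive member names."""
    result = {
        "archive_sha256": sha256_hex(zip_bytes),
        "archive_match": match_iocs(zip_bytes),
        "members": [],
    }
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info)
            result["members"].append({
                "name": info.filename,
                "size": len(data),
                "sha256": sha256_hex(data),
                "ioc_match": match_iocs(data),
                "deceptive_extension": deceptive_double_extension(info.filename),
            })
    return result


def build_sample_zip() -> bytes:
    """Constructed stand-in for the lure archive: the member name from the
    report, but inert placeholder bytes, so no hash will match the IOCs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(PAYLOAD_NAME, b"MZ" + b"\x00" * 62)
    return buf.getvalue()


if __name__ == "__main__":
    report = check_archive(build_sample_zip())
    print("archive", report["archive_sha256"], "match:", report["archive_match"])
    for m in report["members"]:
        verdict = "IOC MATCH" if m["ioc_match"] else "no hash match"
        flag = " [deceptive double extension]" if m["deceptive_extension"] else ""
        print(f"  {m['name']!r} {m['size']}B {m['sha256']} {verdict}{flag}")
```

Run it against a real quarantined archive by passing the file's bytes to `check_archive`; a hash hit names which of the two report artifacts was found, and the extension flag catches renamed copies of the payload whose hashes have changed.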

MITRE ATT&CK Enterprise v6

Tasks