General

  • Target

    Confirm revised invoice to proceed with payment ASAP.rar

  • Size

    552KB

  • Sample

    230627-kapp3sde38

  • MD5

    47862a6458cffe335a6950673530fe88

  • SHA1

    7c10333ca76400df2368baa11134821d5cd735cc

  • SHA256

    096dc9d1c1b50a5dfb5dcec64183b2901441b43343308c890b4a82293eb18f39

  • SHA512

    f3119e008789c508ab37edd57af62cf4edd70b4b071c0f267c97307f74e750f202f4bc1f0094851a601a05284edc1b76cc22deb8bfcdf66197796e2dcf7895cb

  • SSDEEP

    12288:/76FMeJtbo4DeqDKR3ygBslOa+5Wwt+Ht0RGrT8fnEFFBLFz4Mp8bLS:TOdorqA14sUwt+Ht0Rm8vuFBLFLp8be

Score
7/10

Malware Config

Targets

    • Target

      Confirm revised invoice to proceed with payment ASAP.exe

    • Size

      601KB

    • MD5

      d91260a98896839dfccebffc6c11a13f

    • SHA1

      589c7a5ad66e3ed75301cbdfe7a22646a73c3800

    • SHA256

      45dec1fc7a43e44be22a5bc161baaff3a7573562b1574246e5c59235620d715e

    • SHA512

      b24e354ff9c4be264aab73611033df2159a6ae5be3501bb392cbc45f5f3f6f64934e6318a441c72a4e4c4f3ae4abad064aaf559a77689a30357282c8d4d59d12

    • SSDEEP

      12288:Z22iNds1zpmnchs+TSIbQKJ1SzfCaAfoAgLI+OCuZm5DvLIAibDfWy:E1A9ach/mOhSTCRo2cq

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext
