General

  • Target

    invoice.exe

  • Size

    260KB

  • Sample

    230703-ltx18shb7z

  • MD5

    49a70f543b8d5c902df2c034e02dfd2d

  • SHA1

    f4d99146bad5e5e33a0a1497db81bc8218c484a6

  • SHA256

    19c456f77ef7a2c3d34f397ab4d435092281b157a76ab5e5002370a283e40e65

  • SHA512

    237e01ea6210359d16910c7c73c3d5cef6c0c874c2c6423e5bfd9359fe582ed4784a8b60063ae55338b0fbfcefd4bf521df205bdaf87b2f04c079d6c4b55f3d4

  • SSDEEP

    6144:pYa65nnH1aTNTPh3HzehIVRAETPR/LGNCzJj/kpRU3WZP8TJaD8eLWyw:pYHVaTNTPh3iOqEbdyNsJoPoJrz

Score
7/10

Targets

    • Target

      invoice.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
