Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
invoice.exe
-
Size
260KB
-
Sample
230703-ltx18shb7z
-
MD5
49a70f543b8d5c902df2c034e02dfd2d
-
SHA1
f4d99146bad5e5e33a0a1497db81bc8218c484a6
-
SHA256
19c456f77ef7a2c3d34f397ab4d435092281b157a76ab5e5002370a283e40e65
-
SHA512
237e01ea6210359d16910c7c73c3d5cef6c0c874c2c6423e5bfd9359fe582ed4784a8b60063ae55338b0fbfcefd4bf521df205bdaf87b2f04c079d6c4b55f3d4
-
SSDEEP
6144:pYa65nnH1aTNTPh3HzehIVRAETPR/LGNCzJj/kpRU3WZP8TJaD8eLWyw:pYHVaTNTPh3iOqEbdyNsJoPoJrz
Malware Config
Targets
-
-
Target
invoice.exe
-
Size
260KB
-
MD5
49a70f543b8d5c902df2c034e02dfd2d
-
SHA1
f4d99146bad5e5e33a0a1497db81bc8218c484a6
-
SHA256
19c456f77ef7a2c3d34f397ab4d435092281b157a76ab5e5002370a283e40e65
-
SHA512
237e01ea6210359d16910c7c73c3d5cef6c0c874c2c6423e5bfd9359fe582ed4784a8b60063ae55338b0fbfcefd4bf521df205bdaf87b2f04c079d6c4b55f3d4
-
SSDEEP
6144:pYa65nnH1aTNTPh3HzehIVRAETPR/LGNCzJj/kpRU3WZP8TJaD8eLWyw:pYHVaTNTPh3iOqEbdyNsJoPoJrz
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-