Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

KIEFEL Pac...er.exe

windows7-x64

7

KIEFEL Pac...er.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    KIEFEL Packaging GmbH Purchase Order.exe

  • Size

    254KB

  • Sample

    230703-njt8psgc33

  • MD5

    850dab1779d10d934754d3b5a49367e7

  • SHA1

    7b82f354de7fa54e6c15eeb9ade13d81ca501df3

  • SHA256

    f44a7323fa21d5b6ab9ee259aa3c764442087425652c3f32c798b5af8a5c54ad

  • SHA512

    ada74c7650db6c536477c275f9d4a604ff0f52c0d136469a46d26d4b890b5f51627f64218588c08405233627567e66ac033d2a5d52d0728d4d642c6af4e3513c

  • SSDEEP

    6144:/Ya6YGirsR+LQIFjVqoWu8pAs/hGSPuhaymQp+csaRf8rYikjhYyND7Enu:/YuGiISjVFvvsASGhayz+TqKQvEnu

Score
7/10

Malware Config

Targets

    • Target

      KIEFEL Packaging GmbH Purchase Order.exe

    • Size

      254KB

    • MD5

      850dab1779d10d934754d3b5a49367e7

    • SHA1

      7b82f354de7fa54e6c15eeb9ade13d81ca501df3

    • SHA256

      f44a7323fa21d5b6ab9ee259aa3c764442087425652c3f32c798b5af8a5c54ad

    • SHA512

      ada74c7650db6c536477c275f9d4a604ff0f52c0d136469a46d26d4b890b5f51627f64218588c08405233627567e66ac033d2a5d52d0728d4d642c6af4e3513c

    • SSDEEP

      6144:/Ya6YGirsR+LQIFjVqoWu8pAs/hGSPuhaymQp+csaRf8rYikjhYyND7Enu:/YuGiISjVFvvsASGhayz+TqKQvEnu

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks