General
Target: INVOICE.exe
Size: 369KB
Sample: 230704-gjkwpscg3y
MD5: 304982562295bef516f43831130c84a2
SHA1: 5ac0bee1956d264b88baff846ccbc7360ceb9291
SHA256: ce95bf97082a2895a94b3ddd23d9906f4101bc7cbedb4bcf3d0dab94e834aaab
SHA512: 6199c3a0a4091e3b5cea65a8e7a4f840ffb69aaca6c0ea2d37ab53791bd46f6a8675e78837146d8356535d4bff8e544ebb636904ad4848e2133c79bfa7367a83
SSDEEP: 6144:/Ya6lk/PHuX3HoRnK1bwQcynCvbneGLtiauZx1AODRvGIz0LVxe:/Y/kHH+3H2K1cSnC3AwODRHz0Vxe
Static task: static1
Behavioral task: behavioral1 (Sample: INVOICE.exe, Resource: win7-20230621-en)
Behavioral task: behavioral2 (Sample: INVOICE.exe, Resource: win10v2004-20230703-en)
Malware Config
Targets
Target: INVOICE.exe
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext