General
Target: Invoice.rar
Size: 274KB
Sample: 230712-hwhgsacc85
MD5: 26a36c778e54aaa3dc01f256eb328fd1
SHA1: 41b5bdd35cf1798de086c564601b7c9d58f80034
SHA256: 97d82ef629cc257cd211526fff0f49793539ae95b72071d38c13721e603ae98e
SHA512: cecf0d0280d235942bbebc3eb955d3a4c0317e7640ceda2944b2858aec8013cea6442dc817355c0904d5ace67256e9855e2bdece84477cc21f41591a6f321d8b
SSDEEP: 6144:hT1zajXm4SSi1UFJ2mQmFDqdt92avvyIejNCgOeZ:hTFajXmB31G2mnDqdtzvA0eZ
Static task: static1
Behavioral task: behavioral1
Sample: Invoice.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: Invoice.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: Invoice.exe
Size: 290KB
MD5: 251059be9d81ed9e5dcef07d3da50410
SHA1: 7d7c53f24a2996b2be19a6be740a3ff27bc0bfcb
SHA256: a18c3de560cfe832821c01661931953efe47d1506955f779ce2760550a1a63c8
SHA512: 3dbd5c3aaea44cb381129a4d9395028b2b29a3d8d7b2ce4bff481c1a12bfea63d8f80b4fa8e2b47edce7d37f1b6093ba297a783370fc149429dc2eee66d83779
SSDEEP: 6144:/Ya6nBlQZtNfvjoaXOz+e5hljyV1DM6O2MxO5G0l7S8CYmMw4mli/mN:/YdjstNTOSeAK6O2Mx+G0FS8CZ/4kWK
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext