Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Purchase order_1.zip
-
Size
598KB
-
Sample
230802-m84yrsec96
-
MD5
06e8b35be02f02b6faa8b5c63877fa93
-
SHA1
09adba78341b06ef30849afabb1821acab785531
-
SHA256
995224009fd7cb63eef774208d209cb3af834ad3cb754b046f9cd14ce1c4354e
-
SHA512
069d499263f64c840d25cecc1ed636ec44d5f6e5148cc69fc35ea77fb7a30d9e2da71329a511c3a823111bec485b26548936da28998238e63e203dda6134a1f4
-
SSDEEP
12288:xjGsJ/guiDS7ng4Dq6+CYWpx9EMCXAy+ZrPB/RFfrqK+mcoTuJ:NPpguiDSTg4+6+CfETsLzqK9pi
Static task
static1
Behavioral task
behavioral1
Sample
Purchase order.exe
Resource
win7-20230712-en
Malware Config
Targets
-
-
Target
Purchase order.exe
-
Size
663KB
-
MD5
2066bebe7c32cf52b2e7e5b2ae6dcf5b
-
SHA1
acc4a396e69d6bb6de3791d8cda944d899f524e8
-
SHA256
20ca9236b9070c02ddedeed75c4b5b478a06f31c9a3d714105503a17595e386f
-
SHA512
2394649c626df36f6f2d4c4348cacda22e019f936268c90197ff5b182ab7d6b71dff5d5305f611ede3fa19d0dda7a072e44e3ecf985c3f761e15d5e1aed7de5e
-
SSDEEP
12288:Og7Jh13m+oB7VDW5pJN89HCpxHEM8XGysZrPBVr3UoKl:Og7tW+oBJD6prbEN6JNy
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-