General
Target: Invoice.exe
Size: 780KB
Sample: 230825-natwksch31
MD5: 8f640a0035e12ea1122856ae2c6e5eaf
SHA1: bbca60cf2a5395b1ba00171251c114ad1f3736da
SHA256: 377113e1a7ba66c25bc72f9bd79e9dd26ecbb6c9128d07f2deed92a1f0803f25
SHA512: 2570b5677f10fbc8bb4153aba95e8f84878290948a26dfeef72d38794a7e16baee9ee88ee775a1687c6aedb414007d19629a1d933beb9a8b34dd76bdaba5b3be
SSDEEP: 12288:n8cpVgEe+AapAhPXX1eqOLWNV2YgGg6xIb4dupGOwI7AFQ4Sp:8cPgR3hPnIPLWXI3fqiDvEFSp
Static task: static1
Behavioral task: behavioral1
Sample: Invoice.exe
Resource: win7-20230712-en
Malware Config
Targets
Target: Invoice.exe
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext