Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

PAYMENT COPY.exe

windows7-x64

7

PAYMENT COPY.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PAYMENT COPY.zip

  • Size

    366KB

  • Sample

    230831-m1vp5aec2v

  • MD5

    a16b7550674c5595b00635b4a8d0818e

  • SHA1

    947d145f11a67653a9d241e7f8384f9e0fb16417

  • SHA256

    34e5043867e982258aaa56f59d5f35abc7b53ca1293853465ca7974758ffbfe9

  • SHA512

    e1334bd3401ed67cac31744bad5b8bb15fc201d2d353a4c7852d476ad830bacb16bc76e6ca74ce25a89ef133e5c5615cb1267c2a9b5a073e94a3868b0c55cc80

  • SSDEEP

    6144:fq5b2nbbvZA19VUm4MCJv1RtV32f4ZaxY4UhrzWvU6TPvErtYqJB2asepUaeUy8y:fqMnfvZuVDpcv1Rth2f4cxY4UhQlTPvx

Score
7/10

Malware Config

Targets

    • Target

      PAYMENT COPY.exe

    • Size

      517KB

    • MD5

      07777ab79429d89e895fec96ff50b278

    • SHA1

      5213f0cd557ba8f2ccb393ae2d97ca8d277195db

    • SHA256

      4a63fd45dcc97cf19892173f6101ff932109f8e3c382db28ea077c63a65f203d

    • SHA512

      dfa96457b683593147909eb03377fa9354a793243dc2facd82f19cd479f9ef57bdf644c0988ee8a169bba8591ad5daffeb3ff517c811285179765ba3eed6199a

    • SSDEEP

      12288:WYePZVDtcv1rthwf4qxe4ChulTtvEHjTB2ZeauKH:WY0ZVZwSxPChSVEHZ5au8

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks