General

  • Target

    41570002689_20220814_05352297_HesapOzeti.exe

  • Size

    853KB

  • Sample

    231003-wznd4agg22

  • MD5

    f328f1d6c69059f08f15ab3dc8695639

  • SHA1

    a02e19ef7cea7ef5cdc7ecb05146e9b509df80ce

  • SHA256

    cc74e95443838d54168e736be39859926097fd7da7606b6ef4d8bfb794303eff

  • SHA512

    512ff9c10ea1edbe146441ca29efda97445695fed590e539c222bfe5ada32f194c0adf33339b7aadb645a5496225ec688c883e7272593e1da67d41a7bcf7b398

  • SSDEEP

    24576:uX7Ax5uPybFZxVHjvGeniSqFk51dh3fn9Y:uXMxA+JNGPAvh3f9

Score
7/10

Targets

    • Target

      41570002689_20220814_05352297_HesapOzeti.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext
