c27900905ec18d4daae5294f041d6a8080091fcce79b5181aaebbe6933aca5c6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Revised invoice.exe

windows7-x64

7

Revised invoice.exe

windows10-2004-x64

5

Sharing

General

Target

Revised invoice.zip
Size

601KB
Sample

231102-mns1rsae91
MD5

7bfccad26e26dfb9b8da5e98412e61ad
SHA1

06156ebfb299311dff591c9d7e8c23e2b26edc39
SHA256

c27900905ec18d4daae5294f041d6a8080091fcce79b5181aaebbe6933aca5c6
SHA512

56a9dba08aaf2e0ebd5ec8d071ff13c4d043ab7178cbdafdf8b3a45be3936211ec1c831a6683540c72cffbb6b95db22b1eebd60eb6e23951f9a85a10410bd0b2
SSDEEP

12288:AraDNXE6iZXAK03/h0JT3vDJjgiXeRmpz4Pg1mD:AODRE6iZXkf1Rmwz

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Revised invoice.exe

Resource

win7-20231020-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Revised invoice.exe

Resource

win10v2004-20231023-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  Revised invoice.exe
- Size
  
  656KB
- MD5
  
  20ad07241b54c7690a5914b6069151b2
- SHA1
  
  b631e2d6910155d57982f27a0cebea4d5695c08b
- SHA256
  
  9ab77e961ee2eaaee3da8d49b8f9f09444b279c6f258cf8e9769e4a16c22fbd4
- SHA512
  
  8e851c4230926b9f7751b0ee779802318878fb127a7cbce16240bbf5b38fd4fd0d518b5594ee0d19e1b01420a339525d50abcff23420987ffbd2e590d052eeeb
- SSDEEP
  
  12288:DODN9e6QLaK0//g91Xp3vjb3SMJeHH6GpP6TitTPuvdXp/Oat:yD3e6QLEWoRHvpPS
Score

7^/10
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy