General

  • Target

    中体彩2024年度员工晋升材料.zip

  • Size

    8.6MB

  • Sample

    240528-kdp51scf2x

  • MD5

    2d9ed22ecc2938f7f423356f9e7d2c98

  • SHA1

    6c0811f89f3e27e2afe4ddd66f501c3fa26b014b

  • SHA256

    d80d33cf63c15b5804e7dc096733026a01c300aac0e36cff5c9721adaebb1b2c

  • SHA512

    3838d949560d68a30417bfd2491aad9c12d9aa04746735f3ea384e26bb82485e42f24670c3c2bf36f3311629fd27de43c72eeaa74b2334bba1b5bbc76b9439a1

  • SSDEEP

    196608:b8uRq5EcxW207JsMbuht8aWXWaZLZNnyrF0Hxv67N7dJnf/dIlmmTKVS2Ta:Xq5EcxW29RuRnyra6tKya

  • Score

    7/10

Targets

    • Target

      中体彩2024年度员工晋升材料/中体彩2024年度员工晋升材料报名表.pdf.lnk

    • Size

      727B

    • MD5

      c02c168c1c97d6f113b88cb8c1ddedf9

    • SHA1

      ee235ca5916d3003eab418dd9a3e2e0286bc3852

    • SHA256

      cd029ad0d35e589c6340a33b094a3ae866648e4b93926ad7b3278d1531b583f3

    • SHA512

      857ca5cacd21d194288a82a60a0cab439cde23beef5ebb4f83a4cb0a60694ff32c83682e4414355e26a59d4c73c29c2cac538107ee5cb95bf001b66582d6f569

    • Score

      7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

    • Target

      中体彩2024年度员工晋升材料/其他信息/.__MACOS__/.__MACOS__/._MACOSX_/PROPSYS.dll

    • Size

      20.7MB

    • MD5

      6d6c7dbd71698f3994a40c6c7c49c40b

    • SHA1

      a683075719121fca4343802f615fe55ddd4bb390

    • SHA256

      4d50b07a2a0c7ebc8d39c5cb11107d85544e9c20abb53c5424423e280b8bfbc1

    • SHA512

      ac9494001849d089d12207368541841dd2716ac1d1a8554b63f624cc3f32c1d5170b20edfd0ce05446b1040411df03e15d4e100fdf58df3267f85cc30f4aa95f

    • SSDEEP

      98304:kbw1o1APQYDP5b3cmNttCdWbReNm+CsCwY8tE3/umfTJnQmD4yL35Fs2V:XrP5b3cMtlbRH4r5+7dVD45K

    • Score

      1/10

    • Target

      中体彩2024年度员工晋升材料/其他信息/.__MACOS__/.__MACOS__/._MACOSX_/osd.com

    • Size

      245KB

    • MD5

      4acc218e13667ca101cab9db29e44a77

    • SHA1

      a84bcee7738b86ae41baee4e73d0a8c2a735e0fe

    • SHA256

      1ab5183a4d362a358b27a66b3013fcb17486e3d44b018fc1fa2cc2c7ba3f963e

    • SHA512

      361eaad250755271d5158c30393e28cdceed54d8756c13a22dde303147ae9a4530c3f9758628d69e43240bc5582056eabf3df6d3672f1dd3f51c109566aec89a

    • SSDEEP

      6144:KpfXnqiLZ32RnqlPy0GrN5HTohi9qQuFnwOEm:KpfXnzGRnRrzoY9zOEm

    • Score

      5/10

    • Suspicious use of SetThreadContext

    • Target

      中体彩2024年度员工晋升材料/其他信息/中体彩2024年度员工晋升材料报名表.pdf.lnk

    • Size

      717B

    • MD5

      788c495923bd62a29c37e7c3650b8f40

    • SHA1

      ec6192b5a58891cbca38ccb5c38a836023b0ecdc

    • SHA256

      cd529e1410bfe6e093a1cf74ec97eab24188e45128487b2e3e32ecea4abc835d

    • SHA512

      e0f8f50fa756288092680a0cb9bc2688b107690ebfac5f61e9f14fdbf79a2499c1d618b48778dd78d52279fe27e3c6e4fbcc4d814f2c40beebc77dd07b43f6d9

    • Score

      7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
