General

  • Target

    Maersk_Quotation.exe

  • Size

    819KB

  • Sample

    240606-sn3svsfg7s

  • MD5

    5f5b4b7694a47e5daf2ea45203e7f410

  • SHA1

    30a5afcab27746c6d30755cc09baeffd082cb7a1

  • SHA256

    fdf6769af86db361b56a4bc21862caa4c4f3c68f6b2fc1503735219db3727125

  • SHA512

    509526a425296735edf273aabc8f0a3bc2762ff436778ba4c7393a4de6a86ea7be79a5297703b5edde2693653875767a3982a3d3f7d451c624f94bf41749a3c3

  • SSDEEP

    24576:3y7C3c63oT1B7w7v621X84uLZuhxkr01gtY+VTjC:360oRZwGkuohxkr4gtY+VTj

Score
8/10

Targets

    • Target

      Maersk_Quotation.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext
