Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Maersk_Quotation.exe
-
Size
819KB
-
Sample
240606-sn3svsfg7s
-
MD5
5f5b4b7694a47e5daf2ea45203e7f410
-
SHA1
30a5afcab27746c6d30755cc09baeffd082cb7a1
-
SHA256
fdf6769af86db361b56a4bc21862caa4c4f3c68f6b2fc1503735219db3727125
-
SHA512
509526a425296735edf273aabc8f0a3bc2762ff436778ba4c7393a4de6a86ea7be79a5297703b5edde2693653875767a3982a3d3f7d451c624f94bf41749a3c3
-
SSDEEP
24576:3y7C3c63oT1B7w7v621X84uLZuhxkr01gtY+VTjC:360oRZwGkuohxkr4gtY+VTj
Static task
static1
Behavioral task
behavioral1
Sample
Maersk_Quotation.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
Maersk_Quotation.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
Maersk_Quotation.exe
-
Size
819KB
-
MD5
5f5b4b7694a47e5daf2ea45203e7f410
-
SHA1
30a5afcab27746c6d30755cc09baeffd082cb7a1
-
SHA256
fdf6769af86db361b56a4bc21862caa4c4f3c68f6b2fc1503735219db3727125
-
SHA512
509526a425296735edf273aabc8f0a3bc2762ff436778ba4c7393a4de6a86ea7be79a5297703b5edde2693653875767a3982a3d3f7d451c624f94bf41749a3c3
-
SSDEEP
24576:3y7C3c63oT1B7w7v621X84uLZuhxkr01gtY+VTjC:360oRZwGkuohxkr4gtY+VTj
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-