Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

REQUEST FO...df.exe

windows7-x64

10

REQUEST FO...df.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    REQUEST FOR QUOTE OFFICE STATIONARY SUPPLIE CONTRACT TENDER.pdf.exe

  • Size

    949KB

  • Sample

    250328-m8l3ysvwbx

  • MD5

    f11e6dd721c1b3be096fc3576f47ca46

  • SHA1

    ed456c6e866851c1d3210eba46a4537c598cbe88

  • SHA256

    53d056661093a1e9c94852549fcb6ba5fcd82c19bc694aa5dd528aab4cf09d25

  • SHA512

    ad9bb0ea88b24e9090456ab1c45194861445b360b2a39488648a87af9393546a531d105358613c00634130bde503f1b6931d0fbb29649b5849f1220ae45d0543

  • SSDEEP

    24576:Ru6J33O0c+JY5UZ+XC0kGso6FaAGuL+pwWY:Du0c++OCvkGs9FaAiY

Score
10/10
collectiondefense_evasiondiscoveryevasiontrojan

Malware Config

Targets

    • Target

      REQUEST FOR QUOTE OFFICE STATIONARY SUPPLIE CONTRACT TENDER.pdf.exe

    • Size

      949KB

    • MD5

      f11e6dd721c1b3be096fc3576f47ca46

    • SHA1

      ed456c6e866851c1d3210eba46a4537c598cbe88

    • SHA256

      53d056661093a1e9c94852549fcb6ba5fcd82c19bc694aa5dd528aab4cf09d25

    • SHA512

      ad9bb0ea88b24e9090456ab1c45194861445b360b2a39488648a87af9393546a531d105358613c00634130bde503f1b6931d0fbb29649b5849f1220ae45d0543

    • SSDEEP

      24576:Ru6J33O0c+JY5UZ+XC0kGso6FaAGuL+pwWY:Du0c++OCvkGs9FaAiY

    Score
    10/10
    collectiondefense_evasiondiscoveryevasiontrojan

    • Modifies Windows Defender DisableAntiSpyware settings

      evasiontrojan

    • Disables Task Manager via registry modification

      defense_evasion

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks