General

  • Target

    7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683

  • Size

    823KB

  • Sample

    221030-pws2vabhhp

  • MD5

    937a1b4613a2109448103c318cb7ab10

  • SHA1

    1ac5bc876ec8026d57ce67fde624fab848f7b8d1

  • SHA256

    7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683

  • SHA512

    28db39b653ab91429546198a838cf4dd361f85a71a435aa825d49fab74273886b5225388d92b884ac7b6ae50eaf467b644caf76ad753e5fe114187fb6b89e2ba

  • SSDEEP

    24576:QZJ+3Rbxv7mctSdkeXofT/+brY2Qwz+Rq7ISoZ:Go5xv7mcseeXr0IsS+

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL
