General

  • Target

    a7b3852ce66047a12c1d9fbde162623989370d7691b65b1bf707ab6208cafb25

  • Size

    92KB

  • Sample

    221030-v481xsdaen

  • MD5

    829c571d4e493decde84cae4da3b3d00

  • SHA1

    3d4672501d68ed72493b553820cc64674a9fb398

  • SHA256

    a7b3852ce66047a12c1d9fbde162623989370d7691b65b1bf707ab6208cafb25

  • SHA512

    67dc58bd1740808b4c6b60a55e5088c89b12265602b877e277896b4d019ac381aae29c4a850ccc32d7e62dd1695038478bcd7eb1a11395658419b1a025655cd6

  • SSDEEP

    1536:vztXrx6mqhy3gnjTH9ZYmOEI9TwjXTQbFaxXni51pY:Nx6mqhy3gnjTH9ZYmOx9TwHQbFaxsW

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks