General

  • Target

    fd5ebf3f15ff7aaf7f56c31fcbc7c66fb0979c165b7716f4da0d9c8e5d5c77e6

  • Size

    512KB

  • Sample

    221127-1fwctaag79

  • MD5

    155eb31fc4854fc2316258f4b2bc68b0

  • SHA1

    2f364f36cb504e4617c032559619a3d51e7f52e0

  • SHA256

    fd5ebf3f15ff7aaf7f56c31fcbc7c66fb0979c165b7716f4da0d9c8e5d5c77e6

  • SHA512

    9cc706e3f95f1f73dc4fcc3f6c42d3ae782fb514a5343b87e9cee9d17385cca5f511733c545a61230b64e6b8eb86ca14474a3fda3109721ddddf2eee37c087b6

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4q:0+h9OY70z+warul3E4q

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
