General

  • Target

    2bd406b1ceb6f8f7bf557e80d7367d94221988e7225062a9ef3d5b7c76dcc399

  • Size

    512KB

  • Sample

    221127-1n182afc2s

  • MD5

    74f5ce80a067348d10dedcb181fd0779

  • SHA1

    3c9fe81cc6080bd77b3e77e8ac3ddf6c5a0d307f

  • SHA256

    2bd406b1ceb6f8f7bf557e80d7367d94221988e7225062a9ef3d5b7c76dcc399

  • SHA512

    06dc9b4a61634e067d1d97dc72e591283991264aa3498344c0da0172b2e6568f046cc570f3983e0a8d2485897ec12fce3626d100de74cb9de14850fc423e5381

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4l:0+h9OY70z+warul3E4l

Score
9/10

Targets

    • Target

      2bd406b1ceb6f8f7bf557e80d7367d94221988e7225062a9ef3d5b7c76dcc399

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
