General

  • Target

    959c9b1a631a9c52b508b03384d6f05085e761f416828ea24f010b9eaab89180

  • Size

    512KB

  • Sample

    221127-1wgvcsbh66

  • MD5

    02b4d088dd6c056c0eb18b03e75baa86

  • SHA1

    16571799a58fa318782e2b4c129d91ca90467ce7

  • SHA256

    959c9b1a631a9c52b508b03384d6f05085e761f416828ea24f010b9eaab89180

  • SHA512

    7d0b4e6f8c57af8237f8e6dd35491eecfc6efa79663fdbbcc1aab201d20b9d4fdb9cec63dac6f334a74fcdbce36c01e2fc220dc839a06d7c4702fe19694c1541

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4Q:0+h9OY70z+warul3E4Q

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
