Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

42caba53fc...03.exe

windows7-x64

9

42caba53fc...03.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42caba53fc1bee4f7c009d839c8ebeecee0b06733a66cb42dc062962b72ea503

  • Size

    512KB

  • Sample

    221127-26qexsbc31

  • MD5

    6f5acc210f40b77de17f699e80d54e23

  • SHA1

    67acfecc7867bc30b5cf02e647f3b5b1df7db199

  • SHA256

    42caba53fc1bee4f7c009d839c8ebeecee0b06733a66cb42dc062962b72ea503

  • SHA512

    0e2bfc225a54466b7bc8e371d60a086bf4a33820d75d131f5da20d52a9b67d2199dd2d4b71a5a4eab30b330395e6f0c3d7b8e16d238e7f971cdb407ff90277ce

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4o:0+h9OY70z+warul3E4o

Score
9/10
evasion

Malware Config

Targets

    • Target

      42caba53fc1bee4f7c009d839c8ebeecee0b06733a66cb42dc062962b72ea503

    • Size

      512KB

    • MD5

      6f5acc210f40b77de17f699e80d54e23

    • SHA1

      67acfecc7867bc30b5cf02e647f3b5b1df7db199

    • SHA256

      42caba53fc1bee4f7c009d839c8ebeecee0b06733a66cb42dc062962b72ea503

    • SHA512

      0e2bfc225a54466b7bc8e371d60a086bf4a33820d75d131f5da20d52a9b67d2199dd2d4b71a5a4eab30b330395e6f0c3d7b8e16d238e7f971cdb407ff90277ce

    • SSDEEP

      12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4o:0+h9OY70z+warul3E4o

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks