General

  • Target

    4e49b09fbd28a5355fa7021242d98f7cd1b7a617088fd636b5ed484a80453f9c

  • Size

    512KB

  • Sample

    221127-3kpf6scd4x

  • MD5

    92ffca873da1d18c4768b9a36d0a3917

  • SHA1

    3021ad4141d4ceda795c016f5688093bfcf0aad6

  • SHA256

    4e49b09fbd28a5355fa7021242d98f7cd1b7a617088fd636b5ed484a80453f9c

  • SHA512

    a0b2673c9575946bc93d2562b1aedc00192d256e82e2974e00df74e5c79c6e7165ebb2a326e48db603b880cc5ce6d896483e24f5289e3308818fe45eeec14360

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4q:0+h9OY70z+warul3E4q

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
