General

  • Target

    afa2e8be96ca86a8b12dec4f6fc12958867219abe09966cd6b39000247ede792

  • Size

    274KB

  • Sample

    221127-3qlbpsgf87

  • MD5

    5d3f99c43bdc1205b59da497b27cf629

  • SHA1

    d87a58e13ce96428065b4ea65b15671a97d1ad4f

  • SHA256

    afa2e8be96ca86a8b12dec4f6fc12958867219abe09966cd6b39000247ede792

  • SHA512

    26a6d247f098a3e30995a44c786427d64466b0e6dbdb9f8875d1961a4d8f48fdb812ea838ee520ac7bcb7afc81c2a483ae2a6d7485f36e983f9a889ec9b68011

  • SSDEEP

    6144:mj2NA2rgIZseLlJfOMBfcuJwam6ZqRrOuic4pe:+b2rgIZx9OyLWkqR/4p

Score
9/10

Targets

    • Looks for VirtualBox Guest Additions in registry

    • Executes dropped EXE

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Adds Run key to start application
