General

  • Target

    0d6234c78268f7a4f215ee3d78c04d4faa5461435a3c5d033abc13ea49563b08

  • Size

    512KB

  • Sample

    221127-3x742sdd7t

  • MD5

    f42b7d0e1cb62df6e719a97c1f8b593a

  • SHA1

    029e6fcaa151fc7cb5d38887e092e317a11e4c5d

  • SHA256

    0d6234c78268f7a4f215ee3d78c04d4faa5461435a3c5d033abc13ea49563b08

  • SHA512

    f6c6c5bbfa83551a8a339205692e9b5e87f12ef20b347436fa1f6c1f888effdb5d2d4de31d1bed8165181b940f10772278236205ef2d365142e8db97a14ddc2d

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E41:0+h9OY70z+warul3E41

Score
9/10

Targets

    • Target

      0d6234c78268f7a4f215ee3d78c04d4faa5461435a3c5d033abc13ea49563b08

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
