Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

a40e261ffa...2d.exe

windows7-x64

9

a40e261ffa...2d.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

  • Size

    601KB

  • Sample

    221127-kwy6mshe7w

  • MD5

    16b16a6e82528ee1a744bd77421d5c4e

  • SHA1

    f52489e58a1ee447b72984c1b4929306f54f7ca5

  • SHA256

    a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

  • SHA512

    d25bf017844bcc2803024fd3e85dcd15f05b21261152a3052463a38940fbe1a2a5408d3f563b964c380b88cfcb98928702a41ea15e39281c939ecc9e1282e1f9

  • SSDEEP

    12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdL:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AN

Score
9/10
evasion

Malware Config

Targets

    • Target

      a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

    • Size

      601KB

    • MD5

      16b16a6e82528ee1a744bd77421d5c4e

    • SHA1

      f52489e58a1ee447b72984c1b4929306f54f7ca5

    • SHA256

      a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

    • SHA512

      d25bf017844bcc2803024fd3e85dcd15f05b21261152a3052463a38940fbe1a2a5408d3f563b964c380b88cfcb98928702a41ea15e39281c939ecc9e1282e1f9

    • SSDEEP

      12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdL:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AN

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks