Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

  • Size

    601KB

  • Sample

    221127-kwy6mshe7w

  • MD5

    16b16a6e82528ee1a744bd77421d5c4e

  • SHA1

    f52489e58a1ee447b72984c1b4929306f54f7ca5

  • SHA256

    a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

  • SHA512

    d25bf017844bcc2803024fd3e85dcd15f05b21261152a3052463a38940fbe1a2a5408d3f563b964c380b88cfcb98928702a41ea15e39281c939ecc9e1282e1f9

  • SSDEEP

    12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdL:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AN

Score
9/10

Malware Config

Targets

    • Target

      a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

    • Size

      601KB

    • MD5

      16b16a6e82528ee1a744bd77421d5c4e

    • SHA1

      f52489e58a1ee447b72984c1b4929306f54f7ca5

    • SHA256

      a40e261ffa7ac9e8e214a5003f8050278948cde414030c562409623064bba62d

    • SHA512

      d25bf017844bcc2803024fd3e85dcd15f05b21261152a3052463a38940fbe1a2a5408d3f563b964c380b88cfcb98928702a41ea15e39281c939ecc9e1282e1f9

    • SSDEEP

      12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdL:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AN

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v6

Tasks