Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

8

da893d1ffb...6b.exe

windows7-x64

9

da893d1ffb...6b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da893d1ffb08d9ffda880f0ed93281d819f28f62e2a6c7e246838509c5cc126b

  • Size

    619KB

  • Sample

    221127-levbssfc44

  • MD5

    358a0bf9306269c03ea11f45c0f1ba22

  • SHA1

    3cae791f05bd89d551b8ad202c9420caa7f9a21c

  • SHA256

    da893d1ffb08d9ffda880f0ed93281d819f28f62e2a6c7e246838509c5cc126b

  • SHA512

    1cfa8840b9f534f2b41859d72d88a8a71df896abca5e5bdf3a3e72c4eab274ea9fc47d8c11bf57aea9376a5e6d72a6eb1397845c3b1a4b612f4da4e9d6cc8ce0

  • SSDEEP

    12288:vIcc9FzHDY4Lz6XYdv82Lc+jG6Ehwi3Mo5UjiuY+nuVidYnkeXY+M:e9FzujSG6ElVKJYxkeXY+M

Score
9/10
evasionupx

Malware Config

Targets

    • Target

      da893d1ffb08d9ffda880f0ed93281d819f28f62e2a6c7e246838509c5cc126b

    • Size

      619KB

    • MD5

      358a0bf9306269c03ea11f45c0f1ba22

    • SHA1

      3cae791f05bd89d551b8ad202c9420caa7f9a21c

    • SHA256

      da893d1ffb08d9ffda880f0ed93281d819f28f62e2a6c7e246838509c5cc126b

    • SHA512

      1cfa8840b9f534f2b41859d72d88a8a71df896abca5e5bdf3a3e72c4eab274ea9fc47d8c11bf57aea9376a5e6d72a6eb1397845c3b1a4b612f4da4e9d6cc8ce0

    • SSDEEP

      12288:vIcc9FzHDY4Lz6XYdv82Lc+jG6Ehwi3Mo5UjiuY+nuVidYnkeXY+M:e9FzujSG6ElVKJYxkeXY+M

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks