Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

e6b2eabf7c...1b.exe

windows7-x64

9

e6b2eabf7c...1b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e6b2eabf7ccc76b473fe007f1d02fb3d262ee432a47b19385b8ce94f6225e11b

  • Size

    624KB

  • Sample

    221127-ln87babg7x

  • MD5

    83214beabe78e7e107f5294d3c084252

  • SHA1

    d960e29aac8202dac1e603a039e4a0901d8249b2

  • SHA256

    e6b2eabf7ccc76b473fe007f1d02fb3d262ee432a47b19385b8ce94f6225e11b

  • SHA512

    db097e53b2624e247bc2ed58c3f1ed1a615d7160cfddd9082243a72cc505da3337fde2287ee4014e9cc2d99b6d10bc3328faf4b5d3d4d0189b7fb1934b57e7e0

  • SSDEEP

    12288:p93rW92itxpUGx1I/mCEUaQ9b0WF+cf6vDbRI4LBvhRybnlf61Y+t:3W92kUGx/s9bSvDbRlJ0bn81Y+t

Score
9/10
evasion

Malware Config

Targets

    • Target

      e6b2eabf7ccc76b473fe007f1d02fb3d262ee432a47b19385b8ce94f6225e11b

    • Size

      624KB

    • MD5

      83214beabe78e7e107f5294d3c084252

    • SHA1

      d960e29aac8202dac1e603a039e4a0901d8249b2

    • SHA256

      e6b2eabf7ccc76b473fe007f1d02fb3d262ee432a47b19385b8ce94f6225e11b

    • SHA512

      db097e53b2624e247bc2ed58c3f1ed1a615d7160cfddd9082243a72cc505da3337fde2287ee4014e9cc2d99b6d10bc3328faf4b5d3d4d0189b7fb1934b57e7e0

    • SSDEEP

      12288:p93rW92itxpUGx1I/mCEUaQ9b0WF+cf6vDbRI4LBvhRybnlf61Y+t:3W92kUGx/s9bSvDbRlJ0bn81Y+t

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks