Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702
-
Size
601KB
-
Sample
221127-m88a7afh8y
-
MD5
e3d3105a8e452ab7dec3cd0c8ac62c74
-
SHA1
79e4e8dabba525b64f66a35e7eeb681f25a7ecc8
-
SHA256
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702
-
SHA512
ea06c245da3e0e4a82192ea399f5ab19d1134de6c680597f2579c5c7183f155c60af01b47bd05596fda391c513b7acced6e55711ab9cf62c202fa1adb68013a7
-
SSDEEP
12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdB:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AH
Static task
static1
Behavioral task
behavioral1
Sample
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702
-
Size
601KB
-
MD5
e3d3105a8e452ab7dec3cd0c8ac62c74
-
SHA1
79e4e8dabba525b64f66a35e7eeb681f25a7ecc8
-
SHA256
6e3ccee6150172d4b39b4639f3cb3ba31b097694adf9c8a7bada415c3660b702
-
SHA512
ea06c245da3e0e4a82192ea399f5ab19d1134de6c680597f2579c5c7183f155c60af01b47bd05596fda391c513b7acced6e55711ab9cf62c202fa1adb68013a7
-
SSDEEP
12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdB:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AH
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-