General

  • Target

    571a00e9f20b5ec0098d03658bc4bb9a5f93bc7531bf3cfce03bcf95ed5db23f

  • Size

    512KB

  • Sample

    221127-nbqkjsce79

  • MD5

    cabd8bf5bdee3989b861cd7aecb0bdec

  • SHA1

    263e485979c552fb368566e56656270640e02d63

  • SHA256

    571a00e9f20b5ec0098d03658bc4bb9a5f93bc7531bf3cfce03bcf95ed5db23f

  • SHA512

    5c47a1debcc768825513c8e8f91ad01e386ef8e48cf2d48241fe8c34c91b72f725736de5215e9d6bc8d9ed9ad1902893f7abffbb6a3f8665e0bba085224c5bb4

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E47:0+h9OY70z+warul3E47

Score
9/10

Targets

    • Target

      571a00e9f20b5ec0098d03658bc4bb9a5f93bc7531bf3cfce03bcf95ed5db23f

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
