General

  • Target

    8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e

  • Size

    614KB

  • Sample

    221127-ngpkfage5s

  • MD5

    370b0f9fc92c58c0682b6f4f208b5280

  • SHA1

    d9f1418d42aee5df67c40da330964be2bd57382e

  • SHA256

    8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e

  • SHA512

    a66f3bc177b88a3a5be99d89306d1b5d0b153fb4eb2ab9d32d0305e59b2a500a7caa1b4a9dc85e070a56a37b08c2c51c613448f57275ed840573a8edf66eb91c

  • SSDEEP

    12288:WRT0gZpHvuDZKHHw2WNWI0tTYbuMKu5R7Uw5JEAY+s:+ZpHSKHHw08b20UVAY+s

Score
9/10

Targets

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
