General
-
Target
8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e
-
Size
614KB
-
Sample
221127-ngpkfage5s
-
MD5
370b0f9fc92c58c0682b6f4f208b5280
-
SHA1
d9f1418d42aee5df67c40da330964be2bd57382e
-
SHA256
8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e
-
SHA512
a66f3bc177b88a3a5be99d89306d1b5d0b153fb4eb2ab9d32d0305e59b2a500a7caa1b4a9dc85e070a56a37b08c2c51c613448f57275ed840573a8edf66eb91c
-
SSDEEP
12288:WRT0gZpHvuDZKHHw2WNWI0tTYbuMKu5R7Uw5JEAY+s:+ZpHSKHHw08b20UVAY+s
Static task
static1
Behavioral task
behavioral1
Sample
8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
8ecab003ccbe30df1ff8a3ff2d0e1186eb96b19cc3935f82c887a3e2f232ef9e
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-