Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4d168a50948d91343d50928412298a67a7b06321213d79795cfb12d07be3e128
-
Size
625KB
-
Sample
221127-nksfhadc43
-
MD5
b7b43484046f6a2e255462764ffa0784
-
SHA1
749e8c15f8548b08daa7ca29f7465885a80edcd9
-
SHA256
4d168a50948d91343d50928412298a67a7b06321213d79795cfb12d07be3e128
-
SHA512
b5e3f06a1e2b1da179da63b765455bd3eb51431ee2052fd40a9c44a154494cd336e87d32a803f9df9819b194d0e7e7f2cc19569b5502eb049d88892cde8d4234
-
SSDEEP
12288:hg+gjjwmSK3ALgXgxvFDyfD1XBxzHMT0jZOJk7j4epPfArQyX0kZ2GEV4gB4IjYq:CjjwS3UW0NKhXLNjZzTPIrQu0kZCV4g/
Malware Config
Targets
-
-
Target
4d168a50948d91343d50928412298a67a7b06321213d79795cfb12d07be3e128
-
Size
625KB
-
MD5
b7b43484046f6a2e255462764ffa0784
-
SHA1
749e8c15f8548b08daa7ca29f7465885a80edcd9
-
SHA256
4d168a50948d91343d50928412298a67a7b06321213d79795cfb12d07be3e128
-
SHA512
b5e3f06a1e2b1da179da63b765455bd3eb51431ee2052fd40a9c44a154494cd336e87d32a803f9df9819b194d0e7e7f2cc19569b5502eb049d88892cde8d4234
-
SSDEEP
12288:hg+gjjwmSK3ALgXgxvFDyfD1XBxzHMT0jZOJk7j4epPfArQyX0kZ2GEV4gB4IjYq:CjjwS3UW0NKhXLNjZzTPIrQu0kZCV4g/
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-