General

  • Target

    01d71690f19a4fd8121f03288e7591899bb3480ea09e3a993348097f980b5a34

  • Size

    625KB

  • Sample

    221127-ppc22sgd23

  • MD5

    38650e76e9d023ff90f3fcc92d455a11

  • SHA1

    325839130e3a6eb9ccb48486040ba4b42ca4de62

  • SHA256

    01d71690f19a4fd8121f03288e7591899bb3480ea09e3a993348097f980b5a34

  • SHA512

    84477b3a28d40f132e465e259d6af58c05556c40b37a221306ca634b1b0c774a704b951ce4057ff7e585c523b19239e0b0c7ec5e982dc2c31afca93041d93df1

  • SSDEEP

    12288:hg+gjjwmSK3ALgXgxvFDyfD1XBxzHMT0jZOJk7j4epPfArQyX0kZ2GEV4gB4IjYi:CjjwS3UW0NKhXLNjZzTPIrQu0kZCV4gr

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
