Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    bd45304812dc02ed53a382f13d90bb0d0f1ca43d08944a64c2279ed9e1c67244

  • Size

    512KB

  • Sample

    221127-psn9gscc4z

  • MD5

    e3abd1e6a7087cfc900d1f2dd9d8b509

  • SHA1

    7af7537c62643b89212ac3911c32f70b76518e18

  • SHA256

    bd45304812dc02ed53a382f13d90bb0d0f1ca43d08944a64c2279ed9e1c67244

  • SHA512

    3eae8c279ba51000b0eb7bdf9b242f8b37a97df426067a5489a43f9917c0b119aaba937666ef0bee9915dd872d3824a173c409d9a59ec78072909f1547ae0e17

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4n:0+h9OY70z+warul3E4n

Score
9/10

Malware Config

Targets

    • Target

      bd45304812dc02ed53a382f13d90bb0d0f1ca43d08944a64c2279ed9e1c67244

    • Size

      512KB

    • MD5

      e3abd1e6a7087cfc900d1f2dd9d8b509

    • SHA1

      7af7537c62643b89212ac3911c32f70b76518e18

    • SHA256

      bd45304812dc02ed53a382f13d90bb0d0f1ca43d08944a64c2279ed9e1c67244

    • SHA512

      3eae8c279ba51000b0eb7bdf9b242f8b37a97df426067a5489a43f9917c0b119aaba937666ef0bee9915dd872d3824a173c409d9a59ec78072909f1547ae0e17

    • SSDEEP

      12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4n:0+h9OY70z+warul3E4n

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v6

Tasks