General

  • Target

    3baa39282f8f04ad1186fa4ed1c45983023199ee27f07e0b8bff356e2893d62f

  • Size

    601KB

  • Sample

    221127-r2spdaaa9z

  • MD5

    738b0722e3adcae42f707760384dad54

  • SHA1

    87a4ae528aefdf5e11f672f49d32f7928234a9bc

  • SHA256

    3baa39282f8f04ad1186fa4ed1c45983023199ee27f07e0b8bff356e2893d62f

  • SHA512

    53183b349e46a2c5ed78246afac401ed26c96e31a8b7b4bb29a146833643843628891d2bd5644eafe357ade303a9092171ed810b5c46cd7bf00e15747e329b4e

  • SSDEEP

    12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAd1:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4A3

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
