General

  • Target

    d401b231cd277a6b636f366a253a8f4f04387c44a2692b634ac8741100999761

  • Size

    512KB

  • Sample

    221127-vcpg7scg62

  • MD5

    1af2122f6d6e1110234fd16d2d3ffd5d

  • SHA1

    54f7e062ed3c0832f87fbdbca3e6bf42e9c2b7fd

  • SHA256

    d401b231cd277a6b636f366a253a8f4f04387c44a2692b634ac8741100999761

  • SHA512

    6d4d93f6dd71069f4115efd43e0bebfade4d9619eb4021a4cdf048ddc022ed6b13e729bfdc84e319e46d2ed00864dd943cf00b0b2e29b5427a2046a5e622e905

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4F:0+h9OY70z+warul3E4F

Score
9/10

Malware Config

Targets

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
