General

  • Target

    945060e276978e14a0b296b289dd1b8ac979014f378cde323b70d48087a32238

  • Size

    512KB

  • Sample

    221127-xlrp2aba89

  • MD5

    d29a93e8d5476a44cc2425de57ceef93

  • SHA1

    c8711e14d45b16f90d65124fb3658d7c3ae2aad9

  • SHA256

    945060e276978e14a0b296b289dd1b8ac979014f378cde323b70d48087a32238

  • SHA512

    bea08576cf37d4b87ae7b4f5b4b0289e5ff567269126e83f541b5e3f6bfbbf9169e374980af0cee2f3eee3717d0827820803284c0888dcc6ad875769eba25a6b

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4D:0+h9OY70z+warul3E4D

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
