General

  • Target

    b9bc164ba1390dc0428ae4cf33d39bac31b65c5b77df85ec9c6cf35cb9c9575b

  • Size

    512KB

  • Sample

    221127-yetrgsdd79

  • MD5

    311a21153bd56f4533fb69ff95e420bd

  • SHA1

    edb0dfd5191b0a2e74508f346f3565daabad4338

  • SHA256

    b9bc164ba1390dc0428ae4cf33d39bac31b65c5b77df85ec9c6cf35cb9c9575b

  • SHA512

    81622b1a83fa3675f4e807999a5f8acecd25d70649e9d2fced91164bea1183cf0f6d45fa229f2e5b0ff51866ef42edf0dde5ddf7ce2c527d7e904007ba0ac09d

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4R:0+h9OY70z+warul3E4R

Score
9/10

Targets

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
