Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

6ee540c019...eb.exe

windows7-x64

9

6ee540c019...eb.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ee540c019ca95d77566866d8fc1f8f8bf57b387c6d7001dc543bb623a0f11eb

  • Size

    512KB

  • Sample

    221128-aeqstshh52

  • MD5

    e1618988f1fc789e323d15d796fb0ce8

  • SHA1

    50631616f4bbcae988e174ed66490d9aac4b76ec

  • SHA256

    6ee540c019ca95d77566866d8fc1f8f8bf57b387c6d7001dc543bb623a0f11eb

  • SHA512

    53c9cbecfc49765977ff8a5801904b1da3772b4358a9bbfe7907a2044326f5afff3f8977f55d86ff8e76bd9771b044aefd951df49e76e08483c77b3b665a1c51

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4J:0+h9OY70z+warul3E4J

Score
9/10
evasion

Malware Config

Targets

    • Target

      6ee540c019ca95d77566866d8fc1f8f8bf57b387c6d7001dc543bb623a0f11eb

    • Size

      512KB

    • MD5

      e1618988f1fc789e323d15d796fb0ce8

    • SHA1

      50631616f4bbcae988e174ed66490d9aac4b76ec

    • SHA256

      6ee540c019ca95d77566866d8fc1f8f8bf57b387c6d7001dc543bb623a0f11eb

    • SHA512

      53c9cbecfc49765977ff8a5801904b1da3772b4358a9bbfe7907a2044326f5afff3f8977f55d86ff8e76bd9771b044aefd951df49e76e08483c77b3b665a1c51

    • SSDEEP

      12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4J:0+h9OY70z+warul3E4J

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks