General

  • Target

    f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929

  • Size

    512KB

  • Sample

    221128-bbl6xage5y

  • MD5

    e55115ba1ebf7d08b5f109ddb9f4a1aa

  • SHA1

    06fd532734e51404c9d5e79157a0a1f4258e0356

  • SHA256

    f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929

  • SHA512

    e2e51223d878e38e6f3dd9b69fd9ba66f8ac58da65f8c94a0a3a2a8c469482d034f6b01ad2c946334ba777e4cb0d1c8b95fd71a1c15d31b588c1f25092cd42ea

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4h:0+h9OY70z+warul3E4h

Score
9/10

Targets

    • Target

      f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
