Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929
-
Size
512KB
-
Sample
221128-bbl6xage5y
-
MD5
e55115ba1ebf7d08b5f109ddb9f4a1aa
-
SHA1
06fd532734e51404c9d5e79157a0a1f4258e0356
-
SHA256
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929
-
SHA512
e2e51223d878e38e6f3dd9b69fd9ba66f8ac58da65f8c94a0a3a2a8c469482d034f6b01ad2c946334ba777e4cb0d1c8b95fd71a1c15d31b588c1f25092cd42ea
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4h:0+h9OY70z+warul3E4h
Static task
static1
Behavioral task
behavioral1
Sample
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929
-
Size
512KB
-
MD5
e55115ba1ebf7d08b5f109ddb9f4a1aa
-
SHA1
06fd532734e51404c9d5e79157a0a1f4258e0356
-
SHA256
f686cff97cf179ffe28a28d3a25a9f2f12a52060a2ef535d297a4153b6c0f929
-
SHA512
e2e51223d878e38e6f3dd9b69fd9ba66f8ac58da65f8c94a0a3a2a8c469482d034f6b01ad2c946334ba777e4cb0d1c8b95fd71a1c15d31b588c1f25092cd42ea
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4h:0+h9OY70z+warul3E4h
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-