Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ad738cf10ea0abbb1324d5ad28d1a7f4120f22bb8ae8362a26ddf5e19fcecd2a
-
Size
538KB
-
Sample
221128-cphajsgb62
-
MD5
4548b65eaeb941cd7f7158822186175f
-
SHA1
4dbd941669aa82a48cd5dffddb2b0e7857307575
-
SHA256
ad738cf10ea0abbb1324d5ad28d1a7f4120f22bb8ae8362a26ddf5e19fcecd2a
-
SHA512
95048a1ac8c649df8d4e0115b6113b7e892bde117d87cf46b1156832fd555c89b8351b18fb1e35772682dabd552974d1995401b7220f952b35507cec3d256a90
-
SSDEEP
12288:6Yhcq8xzZTkQ4DDfO+lDp5QBooT3oDznHbUl0il67L5:BhcTZTaDfXNQCrPbGa/5
Malware Config
Targets
-
-
Target
ad738cf10ea0abbb1324d5ad28d1a7f4120f22bb8ae8362a26ddf5e19fcecd2a
-
Size
538KB
-
MD5
4548b65eaeb941cd7f7158822186175f
-
SHA1
4dbd941669aa82a48cd5dffddb2b0e7857307575
-
SHA256
ad738cf10ea0abbb1324d5ad28d1a7f4120f22bb8ae8362a26ddf5e19fcecd2a
-
SHA512
95048a1ac8c649df8d4e0115b6113b7e892bde117d87cf46b1156832fd555c89b8351b18fb1e35772682dabd552974d1995401b7220f952b35507cec3d256a90
-
SSDEEP
12288:6Yhcq8xzZTkQ4DDfO+lDp5QBooT3oDznHbUl0il67L5:BhcTZTaDfXNQCrPbGa/5
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-