General

  • Target

    02640f2a7121d7bf1ac55ddb5fa44bbaaadb76cc00925555a506a52639fcaf8e

  • Size

    690KB

  • Sample

    221128-fc77zsfd65

  • MD5

    adcaa924811a0fe41126f8c12349c7cc

  • SHA1

    f6591b78a64f5815ddca7f58868fdd253ae1b964

  • SHA256

    02640f2a7121d7bf1ac55ddb5fa44bbaaadb76cc00925555a506a52639fcaf8e

  • SHA512

    d4d49e51aa59693d65697bc91c2c8cee0f5aecc65cd5419552bb27d1798aab6ba2cacc086a8ec3fa865115d090d4d6bda889a45df8e840513a2d7db6ef3065ad

  • SSDEEP

    12288:xC/6UNEwQIJnv+PfT5YYdMqpqhZVt75eMUKYX3SjVUujECfhpmDff9w3d7S:xSNN5bI3tuVtNhYX3qzQzadS

Targets

    • Target

      02640f2a7121d7bf1ac55ddb5fa44bbaaadb76cc00925555a506a52639fcaf8e

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
