Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0
-
Size
512KB
-
Sample
221128-jdsqgafb42
-
MD5
55ccba07375d6ed9d935415ff7d91b6d
-
SHA1
ba719c0b8b57b851121af678516c78db0931493b
-
SHA256
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0
-
SHA512
944974b466d2ebc7ed1db79d9103a5694bd2e89bc9b3dec45ace75b4d83e5ee2585f900ae3f431bf4643571089103e1e827bef4f970070a05cc2e501667217e0
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4Z:0+h9OY70z+warul3E4Z
Static task
static1
Behavioral task
behavioral1
Sample
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0
-
Size
512KB
-
MD5
55ccba07375d6ed9d935415ff7d91b6d
-
SHA1
ba719c0b8b57b851121af678516c78db0931493b
-
SHA256
890148a014379fd2ce4c89d57ba666d0d46ff626280bd605647e6a7d913357a0
-
SHA512
944974b466d2ebc7ed1db79d9103a5694bd2e89bc9b3dec45ace75b4d83e5ee2585f900ae3f431bf4643571089103e1e827bef4f970070a05cc2e501667217e0
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4Z:0+h9OY70z+warul3E4Z
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-